GHSA-gjx9-j8f8-7j74

Impact

Vulnerability Type: Sandbox Bypass / Remote Code Execution

Affected Component: Jinjava

Affected Users:

• Organizations using HubSpot's Jinjava template rendering engine for user-provided template content
• Any system that renders untrusted Jinja templates using HubSpot's Jinjava implementation
• Users with the ability to create or edit custom code templates

Severity: Critical - allows arbitrary Java class instantiation and file access bypassing built-in sandbox restrictions

Root Cause: Multiple security bypass vulnerabilities in Jinjava's sandbox mechanism:

1. ForTag Property Access Bypass: The ForTag class does not enforce JinjavaBeanELResolver restrictions when iterating over object properties using Introspector.getBeanInfo() and invoking getter methods via PropertyDescriptor.getReadMethod()

2. Restricted Class Instantiation: The sandbox's type allowlist can be bypassed by using ObjectMapper to instantiate classes through JSON deserialization, including creating new JinjavaELContext and JinjavaConfig instances

Attack Vector: An attacker with the ability to create or edit Jinja templates can:

• Access arbitrary getter methods on objects in the template context
• Instantiate ObjectMapper to enable default typing
• Create arbitrary Java classes by bypassing type allowlists
• Read files from the server filesystem (demonstrated with /etc/passwd)
• Potentially execute arbitrary code

Patches

Status: Patched - CVE-2026-25526

Users should upgrade to one of the following versions which contain fixes for this vulnerability:

• JinJava 2.8.3 or later
• JinJava 2.7.6 or later

Fix Components:

1. ForTag Security Hardening
   • Added security checks to ForTag.renderForCollection() to enforce JinjavaBeanELResolver restrictions
   • Implemented property access validation against restricted properties/methods before invoking getter methods
   • Added checks for restricted class...