CVE-2018-16341 - Nuxeo Remote Code Execution without authentication using Server Side Template Injection - View it on GitHub