Server-Side Template Injection (SSTI) vulnerability in jFinal allows a remote attacker to execute arbitrary code via the template function.
