FreeMarker contains a flaw related to the 'ClassTemplateLoader' object. The issue is triggered when specifying an absolute path in template files. This may allow a remote attacker to gain access to arbitrary files.
Remote / Network Access
Loss of Confidentiality
Upgrade to version 2.3.19 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.