Apache Commons Text below 1.10.0 RCE Vulnerability POC
https://mvnrepository.com/artifact/org.apache.commons/commons-text - Any version below 1.10.0 is vulnerable. If you're using any older version and making use of StringSubstitutor Interpolator then please upgrade it to 1.10.0 or else do not use StringSubstitutor Interpolator
Apart from the above use-case any other library making use of StringSubstitutor with Interpolator then such library is also vulnerable. One such library is Apache Common Configuration (https://securitylab.github.com/advisories/GHSL-2022-017_Apache_Commons_Configuration/)
