From 574e07f1f6fc3f6992e53e9f29ea3a2d8cc2fc92 Mon Sep 17 00:00:00 2001
From: Jan Oberhauser <jan.oberhauser@gmail.com>
Date: Sun, 21 Nov 2021 23:13:40 +0100
Subject: [PATCH] :bug: Improve expression security

---
 packages/workflow/src/Expression.ts | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/packages/workflow/src/Expression.ts b/packages/workflow/src/Expression.ts
index b7fd4d0138..0ecc6e0a93 100644
--- a/packages/workflow/src/Expression.ts
+++ b/packages/workflow/src/Expression.ts
@@ -117,6 +117,8 @@ export class Expression {
 
 		// Execute the expression
 		try {
+			// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
+			tmpl.tmpl('{{global=this;}}', data);
 			// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
 			const returnValue = tmpl.tmpl(parameterValue, data);
 			if (typeof returnValue === 'function') {