diff --git a/src/main/java/run/halo/app/config/WebMvcAutoConfiguration.java b/src/main/java/run/halo/app/config/WebMvcAutoConfiguration.java
index 08b76bfb7..7035007b0 100644
--- a/src/main/java/run/halo/app/config/WebMvcAutoConfiguration.java
+++ b/src/main/java/run/halo/app/config/WebMvcAutoConfiguration.java
@@ -1,6 +1,7 @@
 package run.halo.app.config;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
+import freemarker.core.TemplateClassResolver;
 import freemarker.template.TemplateException;
 import freemarker.template.TemplateExceptionHandler;
 import lombok.extern.slf4j.Slf4j;
@@ -131,6 +132,9 @@ public class WebMvcAutoConfiguration implements WebMvcConfigurer {
 
         // Predefine configuration
         freemarker.template.Configuration configuration = configurer.createConfiguration();
+
+        configuration.setNewBuiltinClassResolver(TemplateClassResolver.SAFER_RESOLVER);
+
         if (haloProperties.isProductionEnv()) {
             configuration.setTemplateExceptionHandler(TemplateExceptionHandler.RETHROW_HANDLER);
         }