VU#970766: Spring Framework insecurely handles PropertyDescriptor objects with data binding

Opsfolio Community
March 31, 2022, 2 years ago
117

Overview The Spring Framework insecurely handles PropertyDescriptor objects, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Spring Framework is a Java framework that can be used to create applications such as web applications. Due to improper handling of PropertyDescriptor objects used with data binding, Java applications written with Spring may allow for the execution of arbitrary code. Impact By providing crafted data to a Spring Java application, such as a web...

Source: https://kb.cert.org/vuls/id/970766

VU#970766: Spring Framework insecurely handles PropertyDescriptor objects with data binding

VU#970766: Spring Framework insecurely handles PropertyDescriptor objects with data binding

Subscribe To Our Newsletter!

Popular Posts

What A Cybersecurity Degree Teach You About Protecting Businesses Against Threats

Steps to creating a healthcare app

Cybersecurity Tips For Freelance Healthcare Workers

How to Create a Secure Healthcare Website?

How to keep your child safe from infections when you are not at home?

POPULAR Media

Ransomware Payouts Are On The Rise

Defense Against Socially Engineered Attacks

Address Ransomware With Multiple Layered Security

Hitrust – Streamlining the Compliance Process