2 matches found
Server-Side Request Forgery (SSRF)
Spring Web Services is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to insufficient validation of WS-Addressing ReplyTo and FaultTo headers, where destinations supplied in incoming requests are used directly by configured WebServiceMessageSender instances to initiate...
Server-side Request Forgery (SSRF)
Overview org.springframework.ws:spring-ws-core is a product of the Spring community focused on creating document-driven Web services. Spring Web Services aims to facilitate contract-first SOAP service development, allowing for the creation of flexible web services using one of the many ways to...