CVE-2026-41846
A flaw was found in Spring MVC applications, part of the Spring Framework. This vulnerability allows a remote attacker to inject arbitrary HTML or JavaScript code due to improper handling of user-supplied values in the cssClass, cssErrorClass, or cssStyle attributes of JSP form tags. Successful...