3 matches found
VMware Spring Framework < 5.2.21, 5.3.x < 5.3.19 Data Binding Rules Vulnerability
The VMware Spring Framework is prone to a data binding rules vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
GHSA-G5MM-VMX4-3RG7 Improper handling of case sensitivity in Spring Framework
In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the fiel...
Remote Code Execution Vulnerability in MetInfo Version 5.3.19
MetInfo is a Content Management System CMS developed using PHP and Mysql. A remote code execution vulnerability exists in MetInfo version 5.3.19, which can be exploited by an authenticated remote attacker to obtain a webshell and gain control of the server...