U.S. Dept Of Defense: Swagger UI Injection via Config URL - `███`

A Swagger UI injection vulnerability was identified on a specific endpoint. The issue allowed an attacker to inject custom JSON configuration into the Swagger UI, potentially leading to unspecified consequences...

This Week in Spring - February 14th, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring! Friends, tomorrow is Valentine's day, and I love Spring. So, it's a very exciting thing indeed to be able to share this week's jam-packed roundup. Let's dive right into it! Spring Tools 4.21.1 is now available In the latest...

Jetbrains IntelliJ IDEA 代码注入漏洞

JetBrains IntelliJ IDEA is a suite of integrated development environments for the Java language from Jetbrains Czech Republic.JetBrains IntelliJ IDEA versions prior to 2022.1 contain a code injection vulnerability that could be exploited to execute native code via HTML descriptions in custom JSON...