Spring Expression Language (SpEL) Injection

com.nepxion:discovery-common is vulnerable to spring expression language injection. The vulnerability exists because eval method in DiscoveryExpressionResolver.java is evaluating expression with a StandardEvaluationContext, allowing an attacker to inject and execute malicious SpEL, leading to...