Cross-Domain Request Through Insecure JSONP Defaults

spring-webmvc is vulnerable to cross-domain requests. The vulnerability exists as JSONP is enabled through the jsonp and callback JSONP parameters in MappingJackson2JsonView by default...