The vulnerability of the Java framework for securing industrial applications using Spring Security stems from configuration errors related to authentication. These errors can occur when using multiple servlets, including the DispatcherServlet in Spring MVC. This vulnerability allows attackers to expose sensitive information and enhance their privileges.

The vulnerability of the Java framework for securing industrial applications using Spring Security is related to errors in authentication configuration. These errors can occur when using multiple servlets, including the DispatcherServlet in Spring MVC. Exploiting this vulnerability allows a...

GHSA-4VPR-XFRP-CJ64 Spring Security's authorization rules can be misconfigured when using multiple servlets

Spring Security versions 5.8 prior to 5.8.5, 6.0 prior to 6.0.5, and 6.1 prior to 6.1.2 could be susceptible to authorization rule misconfiguration if the application uses requestMatchersString and multiple servlets, one of them being Spring MVC’s DispatcherServlet. DispatcherServlet is a Spring...

Spring Security 安全漏洞

VMware Spring Security is a security framework from VMware that provides illustrative security protection for Spring-based applications. A security vulnerability exists in Spring Security that stems from an authorization rule misconfiguration when using multiple servlets. Affected Products and...