3 matches found
CVE-2026-22737
Use of Java scripting engine enabled e.g. JRuby, Jython template views in Spring MVC and Spring WebFlux applications can result in disclosure of content from files outside the configured locations for script template views. This issue affects Spring Framework: from 7.0.0 through 7.0.5, from 6.2.0...
UBUNTU-CVE-2026-22737
Use of Java scripting engine enabled e.g. JRuby, Jython template views in Spring MVC and Spring WebFlux applications can result in disclosure of content from files outside the configured locations for script template views. This issue affects Spring Framework: from 7.0.0 through 7.0.5, from 6.2.0...
Stored Cross-site Scripting Vulnerability in Template/View.aspx Page of Shanghai Excellence Ruixin Digital Technology Co.
Excellence Course Center System is a teaching and learning system specially developed by Shanghai Excellence Ruixin Digital Technology Co. for teaching in colleges and universities. A stored cross-site scripting vulnerability exists in the comments of the Template/View.aspx page of the Excellence...