Data format extension for Jackson cross-site request forgery vulnerability
Data format extension for Jackson aka jackson-dataformat-xml is an extension module for providing alternative support for serialized POJO classes for XML and deserialized XML. A security vulnerability exists in XmlMapper in the Data format extension for Jackson. A remote attacker could exploit th...