CVE-2018-1256
CVE-2018-1256 relates to Spring Cloud SSO Connector 2.1.2, where a regression disables issuer validation in resource servers not bound to the SSO service. In PCF environments with multiple SSO service plans, an attacker could authenticate against unbound resource servers using tokens from another...