6.9 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
75.2%
A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding if the input is not sanitized.
tanzu.vmware.com/security/cve-2022-22980