Spring Web Flow is vulnerable to a data binding expression vulnerability. The vulnerability is possible because the MvcViewFactoryCreator useSpringBinding property is set to false by default. Applications that use the default settings are therefore vulnerable to malicious EL expressions in view states, which allow form submissions to set fields on the target object that should not be set.

CPE

Name | Operator | Version |
---|---|---|
spring web flow | le | 2.4.4.RELEASE |
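
The default described above, shown next to an explicit override in a Spring XML application context. This is an added example, not configuration from the advisory or from the Spring Web Flow project. The bean ids are assumptions, and the property is written `useSpringBeanBinding`, the name of the setter on `MvcViewFactoryCreator` (the advisory text calls it useSpringBinding).

```xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:webflow="http://www.springframework.org/schema/webflow-config"
       xsi:schemaLocation="
         http://www.springframework.org/schema/beans
         http://www.springframework.org/schema/beans/spring-beans.xsd
         http://www.springframework.org/schema/webflow-config
         http://www.springframework.org/schema/webflow-config/spring-webflow-config.xsd">

    <!--
      Default (affected) form: the property is not declared, so it stays false
      and view-state form submissions are bound through EL expressions.

      <bean id="mvcViewFactoryCreator"
            class="org.springframework.webflow.mvc.builder.MvcViewFactoryCreator"/>
    -->

    <!-- Explicit override: the property the advisory identifies is set to true
         instead of being left at its default. Bean id is an assumption. -->
    <bean id="mvcViewFactoryCreator"
          class="org.springframework.webflow.mvc.builder.MvcViewFactoryCreator">
        <property name="useSpringBeanBinding" value="true"/>
    </bean>

    <!-- The override only takes effect if the flow builder services actually
         reference this view factory creator; otherwise a default instance
         with the property left at false is used. -->
    <webflow:flow-builder-services id="flowBuilderServices"
                                   view-factory-creator="mvcViewFactoryCreator"/>

    <!-- The flow registry must in turn point at these builder services.
         The flow location below is a constructed placeholder. -->
    <webflow:flow-registry id="flowRegistry"
                           flow-builder-services="flowBuilderServices">
        <webflow:flow-location-pattern value="/WEB-INF/flows/**/*-flow.xml"/>
    </webflow:flow-registry>

</beans>
```

When auditing an existing application, check both that the property is set and that every `flow-registry` resolves to builder services wired to that bean.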