| |
Vulnerability CVE-2022-22978
Published: 2022-05-19
Description: |
In Spring Security versions 5.5.6 and 5.5.7 and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass. |
References: |
https://tanzu.vmware.com/security/cve-2022-22978
|
|
|
Copyright 2024, cxsecurity.com
|
|
|