Announcement Announcement Module
Collapse
No announcement yet.
Spring Expression Language security issue caused by remote code injection Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring Expression Language security issue caused by remote code injection

    I read the following article that talks about the EL risk.

    http://www.networkworld.com/news/201...rk-265923.html

    We currently use Spring 3.0.4.

    Can anyone share knowledge about whether this issue has been fixed so we can still use it without disabling the feature? If so, which version? thanks.

  • #2
    Despite being a new article, this is a very old bug report. Please read the comments of the article you linked to which specifies more details about the bug including the details about the fix.

    Comment

    Working...
    X