cve/CVE-2018-1258.md at 18943f3353ca1cc3fd2595afa412856465e29c78

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-12-30 04:49:42 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.

POC

Reference

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

Github

https://github.com/abhav/nvd_scrapper
https://github.com/diakogiannis/moviebook
https://github.com/ilmari666/cybsec

1.3 KiB Raw Blame History

CVE-2018-1258

Description

POC

Reference

Github

1.3 KiB

Raw Blame History