A flaw was found in Spring Framework, specifically within two modules called Spring MVC and Spring WebFlux, , using parameter data binding. This flaw allows an attacker to pass specially-constructed malicious requests to certain parameters and possibly gain access to normally-restricted functionality within the Java Virtual Machine