Download
| Alert*
CVE-2018-11039 -- libspring-java
Spring Framework allow web applications to change the HTTP request method to any HTTP method using the HiddenHttpMethodFilter in Spring MVC. If an application has a pre-existing XSS vulnerability, a malicious user can use this filter to escalate to an XST attack.
|