Weakness Name | Source | |
---|---|---|
Cross-Site Request Forgery (CSRF) The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. |
||
Improper Restriction of XML External Entity Reference The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output. |
Metrics | Score | Severity | CVSS Vector | Source |
---|---|---|---|---|
V2 | 6.8 | AV:N/AC:M/Au:N/C:P/I:P/A:P | [email protected] |
Pivotal_software>>Spring_framework >> Version From (including) 3.0.0 To (including) 3.2.4
Vmware>>Spring_framework >> Version 4.0.0
Vmware>>Spring_framework >> Version 4.0.0
Vmware>>Spring_framework >> Version 4.0.0