Spring Framework Expression Language JSP Attributes Handling Information Disclosure Vulnerability

Spring Framework is prone to an information-disclosure vulnerability that occurs on Servlet/JSP containers which support Expression Language (EL).

Remote attackers can exploit this issue to gain access to sensitive information of web applications developed using this framework. This may aid in further attacks.


Privacy Statement
Copyright 2010, SecurityFocus