CVE-2024-22257 Information
Mar 19, 2024
cve
Description
In Spring Security versions 5.7.x prior to 5.7.12 5.8.x prior to 5.8.11 versions 6.0.x prior to 6.0.9 versions 6.1.x prior to 6.1.8 versions 6.2.x prior to 6.2.3 an application is possible vulnerable to broken access control when it directly uses the AuthenticatedVotervote passing a null Authentication parameter.
Reference
https://spring.io/security/cve-2024-22257
Share on: