Data Binding Vulnerability in Spring Web Flow with Unified EL Parser
Applications that configure the WebFlowELExpressionParser are vulnerable to the use of malicious Unified EL expressions.
Affected versions:
Spring Web Flow 4.0.0; 3.0.0 through 3.0.1; 2.5.0 through 2.5.1.
Description: CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement
Metrics
Version
Base score
Base severity
Vector
3.1
6.4
MEDIUM
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
Version:3.1
Base score:6.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
Metrics Other Info
Impacts
CAPEC ID
Description
N/A
An attacker who can influence EL expressions evaluated by WebFlowELExpressionParser can inject malicious Unified EL expressions and execute unintended logic.
CAPEC ID: N/A
Description: An attacker who can influence EL expressions evaluated by WebFlowELExpressionParser can inject malicious Unified EL expressions and execute unintended logic.