Uploaded image for project: 'Spring Web Flow'
  1. Spring Web Flow
  2. SWF-1700

CVE-2017-4971: Avoid use of SpEL parser for empty value expressions

    XMLWordPrintable

    Details

      Description

      This ticket is for fixing CVE-2017-4971.

        Attachments

          Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. SWF-1711 CVE-2017-8039: Validate data binding expression in AbstractMvcView

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

            Activity

              People

              Assignee:
              rstoya05-aop Rossen Stoyanchev
              Reporter:
              rstoya05-aop Rossen Stoyanchev
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: