Skip to content

[CVE-2023-20863] CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement from spring-expression@6.0.6 #89

Open
Open
[CVE-2023-20863] CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement from spring-expression@6.0.6#89
@javier-godoy

Description

@javier-godoy
javier-godoy
opened on Sep 12, 2023

[CVE-2023-20863] CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
pkg:maven/com.flowingcode.backend-core/backend-core-business-spring-impl@1.0.0
pkg:maven/org.springframework.data/spring-data-jpa@3.0.3
pkg:maven/org.springframework/spring-context@6.0.6
pkg:maven/org.springframework/spring-expression@6.0.6

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions