CVE-2022-22980

Posted on by admin

CVE-2022-22980

A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding if the input is not sanitized.

Source: CVE-2022-22980

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다