Vulnerabilities > Pivotal > Spring Security Oauth > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-05-25 | CVE-2016-4977 | Data Processing Errors vulnerability in Pivotal Spring Security Oauth When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code execution via the crafting of the value for response_type. | 8.8 |