Vulnerabilities > Pivotal > Spring Security Oauth > High

DATE CVE VULNERABILITY TITLE RISK
2017-05-25 CVE-2016-4977 Data Processing Errors vulnerability in Pivotal Spring Security Oauth
When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code execution via the crafting of the value for response_type.
network
low complexity
pivotal CWE-19
8.8