Spring Security has released a security update to address a vulnerability in the Spring Security.  A remote attacker could exploit this vulnerability to access administrative functions without proper authentication.

For a complete description of the vulnerabilities and affected systems go to CVE-2022-31692: Authorization rules can be bypassed via forward or include dispatcher types in Spring Security.

IT Security

Read more about IT Security service offerings.