CVE-2013-6430 Possible XSS when using Spring MVC
Spring by Pivotal
- Spring MVC 3.0.0 to 3.2.1
- Earlier unsupported versions may be affected
Users of affected versions should apply the following mitigation:
- Users of 3.x should upgrade to 3.2.2 or later
This issue was originally reported to the Spring Framework developers by Jon Passki and the security implications brough to the attention of the Pivotal security team by Arun Neelicattu.
2014-Jan-14: Initial vulnerability report published.