Tagged: Spring WebFlux

November 1, 2024

PoC Exploit Releases for Spring WebFlux Authorization Bypass – CVE-2024-38821

The researcher published the technical details and a proof-of-concept (PoC) exploit for CVE-2024-38821 (CVSS 9.1). This vulnerability, affecting versions of Spring WebFlux, allows attackers to access restricted resources under certain...

Vulnerability

October 28, 2024

CVE-2024-38821 (CVSS 9.1) Allows Authorization Bypass in Spring WebFlux Applications

In a recent security advisory, Spring Security disclosed CVE-2024-38821, a critical vulnerability impacting WebFlux applications, with a CVSS severity score of 9.1. The flaw enables an “authorization bypass of static...