SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  Spring Data MongoDB SpEL Expression Injection 2

Category: WEB-ATTACKS      

A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding if the input is not sanitized.


Relevant Information