2024-07-12 00:00:00
mitre
PUBLISHED
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept.