Skip to content
[Jenkins]Jenkins
log in
Success

Changes

Summary

  1. Fix Spring Autobinding vulnerability (details)
Commit 7eba3c12fed82388f917e8dd9b73e86e3a311e4c by github
Fix Spring Autobinding vulnerability
1. Make authorizationRequest no longer affected by http request
parameters due to @ModelAttribute. See
http://agrrrdog.blogspot.com/2017/03/autobinding-vulns-and-spring-mvc.html
The file was modifiedopenid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java (diff)