Severity: MEDIUM (CVSS 5.9) · Ecosystem: Maven
Spring Framework Cross Site Tracing (XST)
GHSA-9gcm-f4x3-8jpw · CVE-2018-11039
Description
Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allows web applications to change the HTTP request method to any HTTP method (including TRACE) via the HiddenHttpMethodFilter in Spring MVC. If an application has a pre-existing XSS vulnerability, a malicious user (or attacker) can use this filter to escalate it to an XST (Cross Site Tracing) attack.
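As an added illustration (not code from the Spring project or from this advisory), the following Java class models the decision the method-override filter makes: given the real HTTP method and the value of the `_method` parameter, which method should the request be treated as? The class and method names are this example's own; the hardened variant mirrors the allowlist approach the fixed releases take (honour the override only on POST, and only for PUT, PATCH and DELETE), which is the check a reviewer should look for in any custom override filter.

```java
import java.util.Locale;
import java.util.Set;

// Added example, not code from the Spring Framework. Models the override
// decision so the difference between the unrestricted and restricted
// behaviour can be seen without a servlet container.
public final class MethodOverridePolicy {

    // Override methods a browser form legitimately needs; TRACE is not one.
    private static final Set<String> ALLOWED_OVERRIDES = Set.of("PUT", "PATCH", "DELETE");

    private MethodOverridePolicy() {}

    // Pre-fix behaviour: any non-empty override value on a POST replaces the
    // method, so "_method=TRACE" turns a POST into a TRACE request.
    public static String resolveUnrestricted(String actualMethod, String overrideParam) {
        if ("POST".equals(actualMethod) && overrideParam != null && !overrideParam.isEmpty()) {
            return overrideParam.toUpperCase(Locale.ENGLISH);
        }
        return actualMethod;
    }

    // Hardened behaviour: the override is applied only when the original
    // request is a POST and the requested method is on the allowlist;
    // anything else (TRACE included) leaves the request method untouched.
    public static String resolveRestricted(String actualMethod, String overrideParam) {
        if ("POST".equals(actualMethod) && overrideParam != null && !overrideParam.isEmpty()) {
            String requested = overrideParam.toUpperCase(Locale.ENGLISH);
            if (ALLOWED_OVERRIDES.contains(requested)) {
                return requested;
            }
        }
        return actualMethod;
    }

    public static void main(String[] args) {
        // Constructed sample inputs: actual method and _method parameter value.
        String[][] cases = {
            {"POST", "delete"},   // legitimate form override, allowed by both
            {"POST", "TRACE"},    // the escalation path this advisory describes
            {"GET",  "PUT"},      // overrides from non-POST requests are ignored
        };
        for (String[] c : cases) {
            System.out.printf("%s + _method=%s -> unrestricted: %s, restricted: %s%n",
                    c[0], c[1], resolveUnrestricted(c[0], c[1]), resolveRestricted(c[0], c[1]));
        }
    }
}
```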
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2018-11039
- WEB https://github.com/spring-projects/spring-framework/issues/21376
- WEB https://github.com/spring-projects/spring-framework/commit/323ccf99e575343f63d56e229c25c35c170b7ec1
- WEB https://github.com/spring-projects/spring-framework/commit/a5cd01a4c857aaaba7ccc51545fc73dd25b5cba5
- WEB https://github.com/spring-projects/spring-framework/commit/dac97f1b7dac3e70ff603fb6fc9f205b95dd6b01
- WEB https://github.com/spring-projects/spring-framework/commit/f2694a8ed93f1f63f87ce45d0bb638478b426acd
- WEB https://github.com/spring-projects/spring-framework/commit/f64fa3dea10af125d612d3a997aece93d21bc875
- WEB https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
- WEB https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
- WEB https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- WEB https://www.oracle.com/security-alerts/cpuoct2021.html
- WEB https://www.oracle.com/security-alerts/cpujul2020.html
- WEB https://www.oracle.com/security-alerts/cpujan2020.html
- WEB https://spring.io/security/cve-2018-11039
- WEB https://pivotal.io/security/cve-2018-11039
- WEB https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html
- PACKAGE https://github.com/spring-projects/spring-framework
- ADVISORY https://github.com/advisories/GHSA-9gcm-f4x3-8jpw
- WEB http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- WEB http://www.securityfocus.com/bid/107984