Description

Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring MVC. If an application has a pre-existing XSS vulnerability, a malicious user (or attacker) can use this filter to escalate to an XST (Cross Site Tracing) attack.

Remediation

References

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

http://www.securityfocus.com/bid/107984

https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html

https://pivotal.io/security/cve-2018-11039

https://www.oracle.com/security-alerts/cpujan2020.html

https://www.oracle.com/security-alerts/cpujul2020.html

https://www.oracle.com/security-alerts/cpuoct2021.html

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Related Vulnerabilities

CVE-2019-15477 Vulnerability in maven package org.jooby:jooby

CVE-2019-8331 Vulnerability in maven package org.webjars.bowergithub.twbs:bootstrap

CVE-2023-40313 Vulnerability in maven package org.opennms:opennms-base-assembly

CVE-2015-8855 Vulnerability in npm package semver

CVE-2021-21331 Vulnerability in maven package com.datadoghq:datadog-api-client

Severity

Medium

Classification

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Patch Third Party Advisory Broken Link VDB Entry Mailing List Mitigation Vendor Advisory NVD-CWE-noinfo