|
|
Log in / Subscribe / Register

springframework: Reflected File Download (RFD) attack

Package(s):springframework CVE #(s):CVE-2015-5211
Created:November 2, 2015 Updated:November 5, 2015
Description: From the Red Hat bugzilla:

Under some situations, the Spring Framework is vulnerable to a Reflected File Download (RFD) attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being downloaded rather than rendered and also includes some input reflected in the response.

Alerts:
Mageia MGASA-2015-0426 springframework 2015-11-04
Fedora FEDORA-2015-9295d75400 springframework 2015-11-01
Fedora FEDORA-2015-693035254a springframework 2015-11-01
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds