Vulnerabilities (CVE)

Filtered by vendor Springsource Subscribe
Filtered by product Grails
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-1833 1 Springsource 1 Grails 2024-11-21 5.0 MEDIUM N/A
VMware SpringSource Grails before 1.3.8, and 2.x before 2.0.2, does not properly restrict data binding, which might allow remote attackers to bypass intended access restrictions and modify arbitrary object properties via a crafted request parameter to an application.