Bugcrowd Security Flash - Spring4Shell: What It Is and How To Address It

On March 31st, 2022, a zero-day vulnerability found in the popular Java Web application development framework Spring put numerous Web applications at risk of a remote attack. The flaw, dubbed Spring4Shell and SpringShell, has caused a great deal of confusion over the past 24 hours as the security community tries to determine if the issue is in fact new, or related to older vulnerabilities.

As of March 31st, 2022, Spring has confirmed the zero-day vulnerability and has released Spring Framework …

address application application development applications attack bugcrowd deal development flash flaw framework great java march popular risk security spring spring4shell springshell vulnerability web web application web applications zero-day zero-day vulnerability