← back
CVE-2012-1833

CVE-2012-1833

EPSS 1.4%
VMware SpringSource Grails before 1.3.8, and 2.x before 2.0.2, does not properly restrict data binding, which might allow remote attackers to bypass intended access restrictions and modify arbitrary object properties via a crafted request parameter to an application.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/51113http://support.springsource.com/security/cve-2012-1833http://www.securityfocus.com/bid/55763