VMware SpringSource Grails prior to 1.3.8, and 2.x prior to 2.0.2, does not properly restrict data binding, which might allow remote malicious users to bypass intended access restrictions and modify arbitrary object properties via a crafted request parameter to an application.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
springsource grails 1.3.2 |
||
springsource grails 1.3.1 |
||
springsource grails 1.1.2 |
||
springsource grails 1.1.1 |
||
springsource grails 1.1.0 |
||
springsource grails 1.3.4 |
||
springsource grails 1.3.3 |
||
springsource grails 1.2.1 |
||
springsource grails 1.2.0 |
||
springsource grails 1.3.6 |
||
springsource grails 1.3.5 |
||
springsource grails 1.3.0 |
||
springsource grails 1.2.2 |
||
springsource grails |
||
springsource grails 2.0 |
||
springsource grails 2.0.1 |