Spring4Shell

Spring4Shell: No need to panic, but mitigations are advised Security teams around the world got another shock on Thursday when news of disclosure of a PoC for an unauthenticated RCE zero-day vulnerability in Spring Core, a massively popular framework for building modern Java-based enterprise applications, began circulating online. Thanks to many security researchers, the situation is a bit clearer today and there’s no need to panic just yet: Unlike Log4Shell, this new flaw – with no official…