Spring Security < 5.5.7 / 5.6.x < 5.6.4 授权绕过

语言：

版本 1.2 Sep 6, 2023, 4:18 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202309061618
版本 1.1 Jan 27, 2023, 4:02 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C") Exploit attributes ("Exploit available" set to "False") Exploit attributes ("Exploitability ease" set to "No known exploits are available") Plugin Feed: 202301271602
版本 1.0 Jan 26, 2023, 1:58 PM New Plugin Feed: 202301261358

* Changelogs are generally available for changes made after Nov 1, 2022