commonly-used-taint-config.sink.injection.spring-framework.file-disclosure.README.adoc Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of tai-e Show documentation
Show all versions of tai-e Show documentation
An easy-to-learn/use static analysis framework for Java
The newest version!
= Description
- **Overview**:
These APIs are methods from Spring MVC used to create and manipulate ModelAndView objects. ModelAndView is a class in Spring MVC used to return model data and view names, enabling data binding to the view for rendering.
- **Common Use Cases**:
These APIs are commonly used to create and manipulate ModelAndView objects, for page navigation, data passing, and dynamic view resolution.
- **Security Risks**:
File Disclosure: If attackers gain control over the creation of ModelAndView objects, they can craft malicious requests to access sensitive files, such as configuration files or application class/jar files.
© 2015 - 2025 Weber Informatics LLC | Privacy Policy