A zero-day vulnerability found in the popular Java Web application development framework Spring likely puts a wide variety of Web apps at risk of remote attack, security researchers disclosed on March 30. The vulnerability — dubbed Spring4Shell and SpringShell by some security firms — has caused a great deal of confusion over the past 24 hours as researchers struggled to determine if the issue was new, or related to older vulnerabilities.
Read full article on Dark Reading: Cloud