

Remote Execution Flaws a Risk to Spring Framework Applications - techinsidr
http://www.securityweek.com/remote-execution-flaws-risk-spring-framework-applications

======
mthomas
There is no information in that article except generic language about
injection.

I believe this is the actual advisory:
[http://www.mindedsecurity.com/fileshare/ExpressionLanguageIn...](http://www.mindedsecurity.com/fileshare/ExpressionLanguageInjection.pdf)

It appears that Spring double-evaluates the expressions, so you can send a
request param that is an EL expression that references values present in the
server environment.
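As an added example (not from the thread, the SecurityWeek article or the Minded Security advisory), a log-review check for the pattern the comment describes: it URL-decodes each request parameter and flags values that carry EL delimiters (`${...}` or `#{...}`), which is what a double-evaluating view layer would end up executing. The access-log lines are constructed for the example, and `find_el_params` is a hypothetical helper name.

```python
# Added example: flag request parameters whose decoded value contains an
# EL expression. Useful as a WAF rule or a quick grep over access logs when
# triaging a double-evaluation bug like the one in the advisory.
import re
from urllib.parse import urlsplit, parse_qsl

# EL delimiters: ${...} (immediate evaluation) and #{...} (deferred evaluation).
EL_PATTERN = re.compile(r"[$#]\{[^}]*\}")

# Constructed sample access-log lines (method, path+query, protocol, status).
# Lines 2 and 4 carry percent-encoded EL probes; the others are benign.
SAMPLE_LOG = """\
GET /app/greet?name=alice HTTP/1.1 200
GET /app/greet?name=%24%7B1%2B1%7D HTTP/1.1 200
GET /app/search?q=hello+world&page=2 HTTP/1.1 200
POST /app/login?next=%23%7BapplicationScope%7D HTTP/1.1 302
"""


def find_el_params(log_text: str):
    """Return (line_no, param_name, decoded_value) for every parameter whose
    decoded value contains an EL expression.

    parse_qsl URL-decodes values, so percent-encoded delimiters such as
    %24%7B (= "${") are caught as well as literal ones."""
    hits = []
    for line_no, line in enumerate(log_text.splitlines(), 1):
        parts = line.split()
        if len(parts) < 2:
            continue  # malformed or empty line: skip rather than crash
        query = urlsplit(parts[1]).query
        for name, value in parse_qsl(query, keep_blank_values=True):
            if EL_PATTERN.search(value):
                hits.append((line_no, name, value))
    return hits


if __name__ == "__main__":
    for line_no, name, value in find_el_params(SAMPLE_LOG):
        print(f"line {line_no}: parameter {name!r} contains EL: {value}")
```

The check only decodes once, so a defence that relies on it should sit after the same decoding step the application itself applies.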

