writeups.xyz / Improper Privilege Management in Grails Spring Security Core <= 5.1.0 (CVE-2022-41923)

Submitter : c2a

Date: 21 March 2023

Bounty : undisclosed

Vulnerabilities :

• Privilege Escalation
• Authorization Bypass

Programs :

• Grails

Authors :

• Benjamin Sepe (@Butanal_C4H8O)
• Adrien Peter (@Taryax)

Link :
https://www.synacktiv.com/sites/default/files/2023-03/Synacktiv-Grails-Spring-Security-CVE-2022-41923.pdf