VMware offers training and certification to turbo-charge your progress.Learn more
We have released Spring Security 5.0.1, 4.2.4, and 4.1.5 to address CVE-2018-1199: Security bypass with static resources Users are encouraged to update immediately.
One of the changes introduced for this CVE was setting
StrictHttpFirewall as the default
HttpFirewall. User’s can refer to the Javadoc and reference for additional information on how to configure it.