Spring Framework: High Severity Vulnerability Found in Versions 5.3.x and 6.x

In Spring Framework versions 5.3.0, 5.3.33, 6.0.0, 6.0.18, 6.1.0, and 6.1.5 a high-severity vulnerability CVE-2024-22262 was detected. This vulnerability could allow a remote attacker to conduct phishing attacks due to an open redirect vulnerability in UriComponentsBuilder. An attacker could exploit this vulnerability using a specially crafted URL to redirect a victim to arbitrary websites. Upgrading to version 5.3.34, 6.0.19, or 6.1.6 fixes this vulnerability. For more information, visit https://avd.aquasec.com/nvd/2024/cve-2024-22262/.