CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java Spring ecosystem.
InfoWorld

A fresh look at the Spring Framework

The Spring Framework is possibly the most iconic software development framework of all time. It once suffered from a reputation of bloat, but it has long since shed that perception. The heart of ...