A zero-day exploit affecting the Spring Framework versions (5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older versions was made public on March 30, 2022, allowing an unauthenticated attacker to execute arbitrary code on the target system.
Citrix recommends that customers …
The post Guidance for reducing Spring4Shell security vulnerability risk with Citrix WAF (CVE-2022-22963 / CVE-2022-22965) first appeared on Citrix Blogs.