CVE Catalog

CVE-2026-40986

MediumCVSS 4.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.20%

10th percentile — higher than 10% of all known CVEs

Summary

Spring Web Flow's JavaScript RemotingHandler renders the body of an error response as HTML even when the response is not 'text/html'. This can lead to a scripting attack in the user's browser if the error response from the server contains error details with input reflected from an attacker.

Risk Assessment

The organization may be exposed to scripting attacks that could lead to user data theft or session hijacking. Specifically, if an attacker can inject malicious data, the risk increases.

Recommendation

It is recommended to upgrade to the latest version of Spring Web Flow to minimize the risk associated with this vulnerability. An audit of the application should also be conducted to identify potential attack vectors.

Original NVD description (English source)

Spring Web Flow's JavaScript RemotingHandler renders the body of an error response as HTML even when the response is not "text/html", which can result in a scripting attack in the user's browser if the error response from the server contains error details with input reflected from an attacker. Affected versions: Spring Web Flow 4.0.0; 3.0.0 through 3.0.1; 2.5.0 through 2.5.1.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS