Strange ...I'm actually surprised your example is vulnerable. I remember toying around with the original exploit example and it only worked if the parameter was anotated with @ModelAttribute, as commented here ...I wonder what the difference is.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Strange ...I'm actually surprised your example is vulnerable. I remember toying around with the original exploit example and it only worked if the parameter was anotated with
@ModelAttribute
, as commented here ...I wonder what the difference is.