Apache CXF Fediz is a subproject of CXF. Fediz helps you to secure your web applications and delegates security enforcement to the underlying application server.
Apache CXF Fediz 1.4.3 and 1.3.3 are released along with a new security advisory that is fixed in these releases: CVE-2017-12631: CSRF vulnerabilities in the Apache CXF Fediz Spring plugins. http://cxf.apache.org/security-advisories.data/CVE-2017-12631.txt.asc Users who are using the Spring security plugins of Apache CXF Fediz should upgrade immediately to the latest releases. Colm. -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com