vijayforindia / deserialization
Deserialization of untrusted data is vulnerable when it is done using JDK native serialisation. It can be blocked by implementing ObjectInputFilter, which is provided in JDK 9. To my knowledge, if we are using 1.8, this solution is suggested.