A flaw was found in Spring Security in combination with Spring Framework versions prior to 5.0.6 contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.
References:
https://pivotal.io/security/cve-2018-1258
Updating the flaw description:
A flaw was found in Spring Security in combination with Spring Framework version 5.0.5.RELEASE only, contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.