GoTo’s Response to Spring4Shell – Not Impacted
On March 31, 2022, the Cybersecurity and Infrastructure Agency (CISA) identified a vulnerability known as Spring4Shell which impacted a meaningful subset of the software industry. The security of our services and customer data is a top priority for GoTo. Upon becoming aware of the vulnerability, GoTo promptly kicked off an investigation to determine any potential impact associated with Spring4Shell.
Based on our current analysis and understanding of the issue, we have determined that your product is not affected and you do not need to take any action at this time. We will continue to monitor the situation and ensure that our customers remain up to date should the situation change or if any action is required.