Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

Overview org.apache.commons:commons-beanutils2 is a package that provides an easy-to-use but flexible wrapper around reflection and introspection. Affected versions of this package are vulnerable to Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' via the getProper...

Authorization Bypass

commons-beanutils2 is vulnerable to authorization bypass. The vulnerability exists as the class property of Java objects are able to get access to the classloader by default...