1 matches found
Primetek Primefaces Weak Encryption Remote Code Execution (CVE-2017-1000486)
Primefaces versions prior to 5.2.21, 5.3.8 or 6.0 are vulnerable to a padding oracle attack, due to the use of weak crypto and default encryption password...