2 matches found
Debian Security Advisory DSA 2359-1 (mojarra)
The remote host is missing an update to mojarra announced via advisory DSA 2359-1. OpenVAS Vulnerability Test $Id: deb23591.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2359-1 mojarra Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
Debian DSA-2359-1 : mojarra - EL injection
It was discovered that Mojarra, an implementation of JavaServer Faces, evaluates untrusted values as EL expressions if includeViewParameters is set to true. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...