1 matches found
RichFaces: Remote Command Execution via insufficient EL parameter sanitization
It was found that the 'do' parameter permitted expression language EL injection, which could allow a remote attacker to execute Java methods on an affected server...