CVE-2025-64408 Apache Causeway: Java deserialization vulnerability to authenticated attackers

Apache Causeway faces Java deserialization vulnerabilities that allow remote code execution RCE through user-controllable URL parameters. These vulnerabilities affect all applications using Causeway's ViewModel functionality and can be exploited by authenticated attackers to execute arbitrary cod...