Server marshallers/transcoders don't support whitelist when deserializing ------------------------------------------------------------------------- Key: ISPN-9116 URL: https://issues.jboss.org/browse/ISPN-9116 Project: Infinispan Issue Type: Bug Components: Server Affects Versions: 9.3.0.Final, 9.2.5.Final Reporter: Gustavo Fernandes Assignee: Gustavo Fernandes Fix For: 9.4.0.Alpha1, 9.4.0.Final, 9.3.1.Final The server deserializes binary payloads and json/xml payload without any checks. This happens when: * Compatibility mode is on * Remote listeners with filters * Remote iteration with filters * Remote tasks with parameters * Server is configured with MediaType.APPLICATION_OBJECT * Potentially with JSON and XML contents sent via REST The remote endpoints affected are REST, Hot Rod and Memcached.