[seam-issues] [JBoss JIRA] Commented: (JBSEAM-4676) Seam param - disabling EL expression evaluation

Friday, 30 July 2010



    [
https://jira.jboss.org/browse/JBSEAM-4676?page=com.atlassian.jira.plugin....
] 

Marek Novotny commented on JBSEAM-4676:
---------------------------------------

this fixes CVE-2010-1871 and JBoss would like to thank Meder Kydyraliev of the Google
Security Team for responsibly reporting this issue

...
 Seam param - disabling EL expression evaluation
 -----------------------------------------------

                 Key: JBSEAM-4676
                 URL: https://jira.jboss.org/browse/JBSEAM-4676
             Project: Seam
          Issue Type: Bug
          Components: EL
    Affects Versions: 2.1.0.GA, 2.1.1.GA, 2.1.2.GA, 2.2.0.CR1, 2.2.0.GA, 2.2.1.CR1
            Reporter: Marek Novotny
            Assignee: Marek Novotny
            Priority: Critical
             Fix For: 2.2.1.CR2


 Disabling Seam EL expression evaluation in HTTP parameter actionOutcome 
-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[seam-issues] [JBoss JIRA] Commented: (JBSEAM-4676) Seam param - disabling EL expression evaluation