[seam-issues] [JBoss JIRA] (JBSEAM-5128) CLONE - Add session['class'] to EL blacklist

Marek Novotny (JIRA) jira-events at lists.jboss.org
Thu Oct 10 06:47:02 EDT 2013

     [ https://issues.jboss.org/browse/JBSEAM-5128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Marek Novotny moved WFK2-204 to JBSEAM-5128:

              Project: Seam 2  (was: JBoss WFK 2)
                  Key: JBSEAM-5128  (was: WFK2-204)
           Issue Type: Task  (was: Bug)
             Workflow: GIT Pull Request workflow   (was: CDW v1)
    Affects Version/s: 2.3.1.Final
                           (was: 2.3.0.GA)
          Component/s: EL
                           (was: Seam 2)
             Security:     (was: JBoss Internal)
       Target Release:   (was: 2.4.0.GA)

> CLONE - Add session['class'] to EL blacklist
> --------------------------------------------
>                 Key: JBSEAM-5128
>                 URL: https://issues.jboss.org/browse/JBSEAM-5128
>             Project: Seam 2
>          Issue Type: Task
>          Components: EL
>    Affects Versions: 2.3.1.Final, 2.3.0.Final
>            Reporter: David Jorm
>            Assignee: Marek Novotny
>            Priority: Critical
> As a hardening measure, add session['class'] to EL blacklist to protect against EL remote code execution attacks.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the seam-issues mailing list