[seam-issues] [JBoss JIRA] (JBSEAM-5128) Add session['class'] to EL blacklist
Marek Novotny (JIRA)
jira-events at lists.jboss.org
Thu Oct 10 07:14:02 EDT 2013
[ https://issues.jboss.org/browse/JBSEAM-5128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Marek Novotny resolved JBSEAM-5128.
-----------------------------------
Fix Version/s: 2.3.2.CR1
Resolution: Done
> Add session['class'] to EL blacklist
> ------------------------------------
>
> Key: JBSEAM-5128
> URL: https://issues.jboss.org/browse/JBSEAM-5128
> Project: Seam 2
> Issue Type: Task
> Components: EL
> Affects Versions: 2.3.0.Final, 2.3.1.Final
> Reporter: David Jorm
> Assignee: Marek Novotny
> Priority: Critical
> Fix For: 2.3.2.CR1
>
>
> As a hardening measure, add session['class'] to EL blacklist to protect against EL remote code execution attacks.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the seam-issues
mailing list