[seam-issues] [JBoss JIRA] (JBSEAM-5128) Add session['class'] to EL blacklist

Marek Novotny (JIRA) jira-events at lists.jboss.org
Thu Oct 10 07:14:02 EDT 2013

     [ https://issues.jboss.org/browse/JBSEAM-5128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Marek Novotny resolved JBSEAM-5128.

    Fix Version/s: 2.3.2.CR1
       Resolution: Done

> Add session['class'] to EL blacklist
> ------------------------------------
>                 Key: JBSEAM-5128
>                 URL: https://issues.jboss.org/browse/JBSEAM-5128
>             Project: Seam 2
>          Issue Type: Task
>          Components: EL
>    Affects Versions: 2.3.0.Final, 2.3.1.Final
>            Reporter: David Jorm
>            Assignee: Marek Novotny
>            Priority: Critical
>             Fix For: 2.3.2.CR1
> As a hardening measure, add session['class'] to EL blacklist to protect against EL remote code execution attacks.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the seam-issues mailing list