RSS   Vulnerabilities for 'SEAM'   RSS

2007-12-18
 
CVE-2007-6433

CWE-20
 

 
The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter.

 

 >>> Vendor: Jboss 10 Products
SEAM
Jboss
JBPM
Jboss application server
Enterprise application platform
Ironjacamar
Jboss enterprise application server
Red hat jboss data virtualization
Teiid
Jboss-remoting


Copyright 2024, cxsecurity.com

 

Back to Top