[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE request: includeViewParameters re-evaluates
From: Kurt Seifried <kseifried () redhat ! com>
Date: 2011-11-29 5:21:34
Message-ID: 4ED46BDE.8010709 () redhat ! com
[Download RAW message or body]
On 11/28/2011 10:16 PM, David Jorm wrote:
> It has been found that when includeViewParameters is set to true, JSF 2 as implemented by \
> Mojarra and MyFaces will re-evaluate parameter/model values as EL expressions.
> Original bug:
> http://java.net/jira/browse/JAVASERVERFACES-2247
>
> MyFaces bug:
> https://issues.apache.org/jira/browse/MYFACES-3405
>
> Write-up/reproducer:
> http://www.jakobk.com/2011/11/jsf-value-expression-injection-vulnerability/
>
> Thanks
Please use CVE-2011-4358 for the Mojarra instance of this vulnerable.
Please use CVE-2011-4359 for the MyFaces instance of this vulnerable.
--
-Kurt Seifried / Red Hat Security Response Team
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic