Description
The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter.
Remediation
References
http://jira.jboss.com/jira/browse/JBSEAM-2084
http://osvdb.org/42631
http://secunia.com/advisories/28077
http://sourceforge.net/project/shownotes.php?release_id=549490&group_id=22866
http://www.redhat.com/support/errata/RHSA-2008-0151.html
http://www.redhat.com/support/errata/RHSA-2008-0158.html
http://www.redhat.com/support/errata/RHSA-2008-0213.html
http://www.securityfocus.com/bid/26850
http://www.vupen.com/english/advisories/2007/4215
Related Vulnerabilities
CVE-2020-5259 Vulnerability in maven package org.webjars.bower:dojox
CVE-2020-7722 Vulnerability in npm package nodee-utils
CVE-2019-13236 Vulnerability in maven package org.opencms:opencms-core
CVE-2023-29524 Vulnerability in maven package org.xwiki.platform:xwiki-platform-scheduler-ui
CVE-2022-40145 Vulnerability in maven package org.apache.karaf.jaas:org.apache.karaf.jaas.modules