Description

The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter.

Remediation

References

http://jira.jboss.com/jira/browse/JBSEAM-2084

http://osvdb.org/42631

http://secunia.com/advisories/28077

http://sourceforge.net/project/shownotes.php?release_id=549490&group_id=22866

http://www.redhat.com/support/errata/RHSA-2008-0151.html

http://www.redhat.com/support/errata/RHSA-2008-0158.html

http://www.redhat.com/support/errata/RHSA-2008-0213.html

http://www.securityfocus.com/bid/26850

http://www.vupen.com/english/advisories/2007/4215

Related Vulnerabilities

CVE-2023-33725 Vulnerability in maven package org.broadleafcommerce:broadleaf

CVE-2018-16493 Vulnerability in npm package static-resource-server

CVE-2022-46685 Vulnerability in maven package org.jenkins-ci.plugins:gitea

CVE-2020-36183 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind

CVE-2022-0691 Vulnerability in npm package url-parse

Severity

Critical

Classification

CWE-20

Tags

Exploit Vendor Advisory