Description
The PooledInvokerServlet in JBoss EAP 4.x and 5.x allows remote attackers to execute arbitrary code via a crafted serialized payload.
Remediation
References
Related Vulnerabilities
phpBB CVE-2008-3224 Vulnerability (CVE-2008-3224)
Drupal Core 8.5.x Cross-Site Scripting (8.5.0 - 8.5.13)
WordPress Plugin Add Link to Facebook Multiple Cross-Site Scripting Vulnerabilities (1.215)
Plone CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-5495)
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-9064)