Description

The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter.

Remediation

References

http://jira.jboss.com/jira/browse/JBSEAM-2084

http://sourceforge.net/project/shownotes.php?release_id=549490&group_id=22866

http://secunia.com/advisories/28077

http://www.redhat.com/support/errata/RHSA-2008-0158.html

http://www.redhat.com/support/errata/RHSA-2008-0151.html

http://www.redhat.com/support/errata/RHSA-2008-0213.html

http://www.securityfocus.com/bid/26850

http://osvdb.org/42631

http://www.vupen.com/english/advisories/2007/4215

Related Vulnerabilities

CVE-2023-37953 Vulnerability in maven package com.mabl.integration.jenkins:mabl-integration

CVE-2019-5416 Vulnerability in npm package localhost-now

CVE-2020-7792 Vulnerability in npm package mout

CVE-2023-46732 Vulnerability in maven package org.xwiki.platform:xwiki-platform-flamingo-skin-resources

CVE-2023-27903 Vulnerability in maven package org.jenkins-ci.main:jenkins-core

Severity

Critical

Classification

CWE-20

Tags

Exploit Vendor Advisory