01642 06 11 11 Arrange Call

Arbitrary Code Execution Vulnerability in JBoss RichFaces before 4.5.4

CVE-2015-0279 · MEDIUM

CVE-2015-0279

JBoss RichFaces before 4.5.4 allows remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via the do parameter.

Learn more about our Web Application Penetration Testing UK.