Описание
The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter.
Дополнительная информация
Статус:
Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=426206EJBQL injection via 'order' parameter
EPSS
Процентиль: 83%
0.02004
Низкий
Связанные уязвимости
nvd
почти 18 лет назад
The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter.
debian
почти 18 лет назад
The getRenderedEjbql method in the org.jboss.seam.framework.Query clas ...
github
больше 3 лет назад
The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter.
EPSS
Процентиль: 83%
0.02004
Низкий