Описание
The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter.
Дополнительная информация
Статус:
Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=426206EJBQL injection via 'order' parameter
EPSS
Процентиль: 84%
0.0228
Низкий
Связанные уязвимости
nvd
около 18 лет назад
The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter.
debian
около 18 лет назад
The getRenderedEjbql method in the org.jboss.seam.framework.Query clas ...
github
почти 4 года назад
The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter.
EPSS
Процентиль: 84%
0.0228
Низкий