JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.
History

Tue, 13 Aug 2024 23:30:00 +0000

Type Values Removed Values Added
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-08-04T19:00:00

Updated: 2024-08-07T01:35:53.728Z

Reserved: 2010-05-10T00:00:00

Link: CVE-2010-1871

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2010-08-05T13:23:09.477

Modified: 2024-12-19T17:52:39.207

Link: CVE-2010-1871

cve-icon Redhat

Severity : Important

Publid Date: 2010-07-27T00:00:00Z

Links: CVE-2010-1871 - Bugzilla