An input sanitization flaw was found in the way JBoss Seam processes certain parameterized JBoss Expression Language (EL) expressions. A remote unauthenticated attacker could use this flaw to execute arbitrary code via GET requests, containing specially-crafted expression language parameters, provided to web applications based on the JBoss Seam framework.
This module exploits the vulnerability in any web application based on vulnerable versions of the Seam 2 framework.
This module exploits the vulnerability in any web application based on vulnerable versions of the Seam 2 framework.
CVE Link
Exploit Type - Old
Exploits/Remote Code Execution
Exploit Platform
Exploit Type
Product Name