CVE-2007-6433


CVE-2007-6433 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter.
