Remote Code Injection Vulnerability in Apache MyFaces Core 2.0.1 through 2.0.10 and 2.1.0 through 2.1.4

Remote Code Injection Vulnerability in Apache MyFaces Core 2.0.1 through 2.0.10 and 2.1.0 through 2.1.4

CVE-2011-4343 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Information disclosure vulnerability in Apache MyFaces Core 2.0.1 through 2.0.10 and 2.1.0 through 2.1.4 allows remote attackers to inject EL expressions via crafted parameters.

Learn more about our Cis Benchmark Audit For Apache Http Server.