Arbitrary Code Execution in JBoss Drools, Red Hat JBoss BRMS, and Red Hat JBoss BPM Suite
CVE-2013-6468 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression.
Learn more about our User Device Pen Test.