Download
| Alert*
DSA-2359-1 mojarra -- EL injection
It was discovered that Mojarra, an implementation of JavaServer Faces, evaluates untrusted values as EL expressions if includeViewParameters is set to true.
|