• info
• discussion
• exploit
• solution
• references

JBoss Seam 'order' Parameter SQL Injection Vulnerability

Solution:
The vendor has released JBoss Seam 2.0.0.GA to address this issue. Please see the references for more information.


JBoss Group JBoss Seam 2.0 CR2

• JBoss Group jboss-seam-2.0.0.GA.tar.gz
  http://downloads.sourceforge.net/jboss/jboss-seam-2.0.0.GA.tar.gz?modt ime=1193930784&big_mirror=1

JBoss Group JBoss Seam 2.0 CR3

• JBoss Group jboss-seam-2.0.0.GA.tar.gz
  http://downloads.sourceforge.net/jboss/jboss-seam-2.0.0.GA.tar.gz?modt ime=1193930784&big_mirror=1

JBoss Group JBoss Seam 2.0 CR1

• JBoss Group jboss-seam-2.0.0.GA.tar.gz
  http://downloads.sourceforge.net/jboss/jboss-seam-2.0.0.GA.tar.gz?modt ime=1193930784&big_mirror=1