CVE-2018-12533
CRITICAL9.8EPSS 79.7%Arbitrary code execution in Richfaces
Published: 5/13/2022Modified: 11/8/2023
Description
JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an org.richfaces.renderkit.html.Paint2DResource$ImageData object, aka RF-14310.
Affected packages (1)
- Maven/org.richfaces:richfaces-core>= 3.1.0, <= 3.3.4
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL9.8 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
References (6)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2018-12533
- WEBhttps://access.redhat.com/errata/RHSA-2018:2663
- WEBhttps://access.redhat.com/errata/RHSA-2018:2664
- WEBhttps://access.redhat.com/errata/RHSA-2018:2930
- WEBhttps://codewhitesec.blogspot.com/2018/05/poor-richfaces.html
- WEBhttp://seclists.org/fulldisclosure/2020/Mar/21