CVE-2018-12533: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')

May 13, 2022 (updated November 8, 2022)

JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an org.richfaces.renderkit.html.Paint2DResource$ImageData object, aka RF-14310.

References

seclists.org/fulldisclosure/2020/Mar/21
access.redhat.com/errata/RHSA-2018:2663
access.redhat.com/errata/RHSA-2018:2664
access.redhat.com/errata/RHSA-2018:2930
codewhitesec.blogspot.com/2018/05/poor-richfaces.html
github.com/advisories/GHSA-4j38-wjhf-884r
nvd.nist.gov/vuln/detail/CVE-2018-12533

Code Behaviors & Features

Detect and mitigate CVE-2018-12533 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →