In the Jakarta Expression Language implementation 3.0.3 and previous versions, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
eclipse jakarta expression language |
||
quarkus quarkus |
||
oracle communications cloud native core policy 1.14.0 |
||
oracle weblogic server 14.1.1.0.0 |