Red Hat · Red Hat JBoss Enterprise Application Platform · CVE-2011-1484
**Name of the Vulnerable Software and Affected Versions**
JBoss Seam 2 framework versions 2.2.x and earlier
Red Hat JBoss Enterprise SOA Platform versions 4.3.0.CP04 and 5.1.0
JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) versions 4.3.0.CP09 and 5.1.0
**Description**
The JBoss Seam 2 framework does not properly restrict the use of Expression Language (EL) statements in FacesMessages during page exception handling. A remote attacker who can make a Seam-based application evaluate such a message can execute arbitrary Java code on the server via a crafted URL to the application.
**Recommendations**
For JBoss Seam 2 framework versions 2.2.x and earlier, restrict the use of Expression Language (EL) statements in FacesMessages during page exception handling.
For Red Hat JBoss Enterprise SOA Platform versions 4.3.0.CP04 and 5.1.0, update the JBoss Seam 2 framework to a version that properly restricts EL statements.
For JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) versions 4.3.0.CP09 and 5.1.0, update the JBoss Seam 2 framework to a version that properly restricts EL statements.