Apache MyFaces EL Expression Evaluation Security Bypass Vulnerability

Bugtraq ID:	50848
Class:	Design Error
CVE:	CVE-2011-4343
Remote:	Yes
Local:	No
Published:	Nov 29 2011 12:00AM
Updated:	Dec 06 2011 12:17PM
Credit:	BalusC and Frederick Kämpfer.
Vulnerable:
Not Vulnerable:

Apache MyFaces EL Expression Evaluation Security Bypass Vulnerability

Apache MyFaces is prone to a security-bypass vulnerability.

Attackers can exploit this issue to bypass certain security protections and execute arbitrary script code in the browser of an unsuspecting user in the context of an affected application.

Apache MyFaces 2.0.1 through 2.0.10
Apache MyFaces 2.1.0 through 2.1.4

Apache MyFaces EL Expression Evaluation Security Bypass Vulnerability

Few code examples are available to demonstrate this issue. Please see the references for more information.

Apache MyFaces EL Expression Evaluation Security Bypass Vulnerability

Solution:
Updates are available. Please see the references for more information.

Apache MyFaces EL Expression Evaluation Security Bypass Vulnerability

References:

• Apache CVE-2011-4343 Patch (Apache)
  
• includeViewParameters re-evaluates param/model values as EL expressions (Apache)
  
• MyFaces Homepage (Apache Software Foundation)