Uploaded image for project: 'Commons BeanUtils'
  1. Commons BeanUtils
  2. BEANUTILS-463

Class loader vulnerability in DefaultResolver

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.8.0, 1.8.1, 1.8.2, 1.8.3, 1.9.0, 1.9.1
    • 1.9.2
    • Expression Syntax
    • None

    Description

      There is no check for the "class" keyword when getting nested properties. Please see here (and translate it) for a more detailed explanation:

      http://qiita.com/kawasima/items/670d2591bc8fea19dc1d

      Attachments

        Activity

          People

            Unassigned Unassigned
            ptrainor Patrick Trainor
            Votes:
            2 Vote for this issue
            Watchers:
            8 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: