High severity8.8CISA KEVNVD Advisory· Published Aug 5, 2010· Updated Jun 16, 2026
CVE-2010-1871
CVE-2010-1871
Description
JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*
- (no CPE)range: 4.3.0
Patches
Vulnerability mechanics
References
9- www.securityfocus.com/bid/41994nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- www.vupen.com/english/advisories/2010/1929nvdBroken LinkVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/60794nvdThird Party AdvisoryVDB Entry
- security.netapp.com/advisory/ntap-20161017-0001/nvdThird Party Advisory
- archives.neohapsis.com/archives/bugtraq/2013-05/0117.htmlnvdBroken Link
- www.redhat.com/support/errata/RHSA-2010-0564.htmlnvdBroken Link
- bugzilla.redhat.com/show_bug.cginvdIssue Tracking
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.