Code Injection
The RichFaces Framework is vulnerable to Expression Language (EL) injection via the UserResource resource.
Advisories for Maven/Org.richfaces/Richfaces-A4j package
2018
Code Injection
JBoss RichFaces allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code.
Code Injection
JBoss RichFaces allows unauthenticated remote attackers to inject an arbitrary expression language (EL) variable mapper and execute arbitrary Java code.