Invalid parsing of EL expression can lead to invalid EL expressions considered valid

Description

This is a fix for CVE-2020-10693.

More details here: https://issues.redhat.com/browse/JBEAP-19087

Note that this is a problem only if developers include user input in the constraint violation message and do not properly escape it.
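The pattern the note above refers to, shown next to a safer alternative. This is an added example, not code from the issue or from the Hibernate Validator code base. The `KnownColor` constraint, its validator and the helper method names are hypothetical, and the `javax.validation` package names assume a pre-Jakarta release.

```java
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import javax.validation.Constraint;
import javax.validation.ConstraintValidator;
import javax.validation.ConstraintValidatorContext;
import javax.validation.Payload;
import org.hibernate.validator.constraintvalidation.HibernateConstraintValidatorContext;

// Hypothetical constraint, defined only for this illustration.
@Target(ElementType.FIELD)
@Retention(RetentionPolicy.RUNTIME)
@Constraint(validatedBy = KnownColorValidator.class)
@interface KnownColor {
    String message() default "unknown color";
    Class<?>[] groups() default {};
    Class<? extends Payload>[] payload() default {};
}

class KnownColorValidator implements ConstraintValidator<KnownColor, String> {

    @Override
    public boolean isValid(String value, ConstraintValidatorContext context) {
        if (value == null || value.equals("red") || value.equals("green")) {
            return true;
        }
        context.disableDefaultConstraintViolation();
        reportSafely(value, context);
        return false;
    }

    // Risky pattern: the user-supplied value is concatenated into the message
    // template, so the interpolator parses it along with the rest of the template.
    static void reportUnsafely(String value, ConstraintValidatorContext context) {
        context.buildConstraintViolationWithTemplate("'" + value + "' is not a known color")
               .addConstraintViolation();
    }

    // Safer pattern: the template is a constant and the value is passed
    // separately as a message parameter, so it is not part of the template string.
    static void reportSafely(String value, ConstraintValidatorContext context) {
        context.unwrap(HibernateConstraintValidatorContext.class)
               .addMessageParameter("color", value)
               .buildConstraintViolationWithTemplate("'{color}' is not a known color")
               .addConstraintViolation();
    }
}
```

Searching a code base for calls to `buildConstraintViolationWithTemplate` whose argument is not a constant string is a quick way to find validators that follow the first pattern.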

Assignee

Yoann Rodière

Reporter

Guillaume Smet

Priority

Major