Expression Language (EL) Injection (CWE-917)
CWE-917 describes Expression Language (EL) Injection as follows:
...
Other frameworks, like Struts, use a similar expression language (OGNL) that in certain cases allow double execution of OGNL.
EL Injection (CWE-917) coverage by Kiuwan
In Kiuwan, you can search rules covering EL Injection (CWE-917) filtering by Vulnerability Type (“Injection”) and/or by CWE tag (“CWE:917”).
...