Debian Linux Security Advisory 2359-1 - It was discovered that Mojarra, an implementation of JavaServer Faces, evaluates untrusted values as EL expressions if includeViewParameters is set to true.
0e5bf51ca44b6f7e187052037f792c15ea68a6d17dae41a04935fd68c0e2d375