"According to Juliano Rizzo and Thai Duong, the security vulnerability affects JavaServer Faces, Ruby on Rails, ASP.NET and other technologies and platforms." . . . . .