Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Java Server Faces.
http://www.securitytracker.com/id/1037055
http://www.securityfocus.com/bid/93698
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html