This vulnerability allows attackers to execute code remotely without authentication. This severe flaw can result in unauthorized access, compromising the security of web applications that rely on OpenAM for identity management.
https://hackerone.com/reports/1248052