From 2357c8ad551570e5160b6af14131062eb0b8bc50 Mon Sep 17 00:00:00 2001 From: jheysel-r7 Date: Fri, 6 Dec 2024 16:00:58 -0800 Subject: [PATCH] Standardize capitalization of Java Expression Language --- .../exploits/multi/http/primefaces_weak_encryption_rce.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/exploits/multi/http/primefaces_weak_encryption_rce.rb b/modules/exploits/multi/http/primefaces_weak_encryption_rce.rb index 794b635ebb2f..adb0f2ccc958 100644 --- a/modules/exploits/multi/http/primefaces_weak_encryption_rce.rb +++ b/modules/exploits/multi/http/primefaces_weak_encryption_rce.rb @@ -15,7 +15,7 @@ def initialize(info = {}) info, 'Name' => 'Primefaces Remote Code Execution Exploit', 'Description' => %q{ - This module exploits an expression language remote code execution flaw in the Primefaces JSF framework. + This module exploits a Java Expression Language remote code execution flaw in the Primefaces JSF framework. Primefaces versions prior to 5.2.21, 5.3.8 or 6.0 are vulnerable to a padding oracle attack, due to the use of weak crypto and default encryption password and salt. @@ -134,9 +134,9 @@ def check res = http_send_command(payload_wrapper) return Exploit::CheckCode::Unknown('Unable to determine due to a HTTP connection timeout') if res.nil? - return Exploit::CheckCode::Vulnerable('Victim evaluates java Expression Language expressions') if res.headers && res.headers[marker] == marker + return Exploit::CheckCode::Vulnerable('Victim evaluates Java Expression Language expressions') if res.headers && res.headers[marker] == marker - Exploit::CheckCode::Safe('Server does not process java Expression Language expressions, likely not vulnerable') + Exploit::CheckCode::Safe('Server does not process Java Expression Language expressions, likely not vulnerable') end end
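Review bot: In the second hunk, `check` falls through to `Exploit::CheckCode::Safe(...)` for every non-nil response that lacks the marker header, so an error page, a redirect or a filtering proxy's reply is reported the same way as a patched server. The message itself hedges with "likely not vulnerable", which fits `CheckCode::Unknown` better than a firm `Safe`, and a false Safe in an assessment report leaves an exposed PrimeFaces instance untracked. Consider returning something like `Exploit::CheckCode::Unknown('Response did not come from the expected endpoint')` unless the response shows the request was actually handled, and keeping `Safe` for that case only. The body of `check` starts above the hunk, so an earlier guard may already cover part of this.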