Critical security vulnerability in Grails could lead to remote code execution

The attack exploits a section of the Grails data-binding logic, which is invoked in a number of ways including the creation of command objects, domain class construction, and manual data binding when using bindData.