Hi all,

I found that sending a SOAP message with an empty value for the packageName
element for the undeploy operation of DeploymentWebService causes the process
repository to be deleted. I think it is a vulnerability since a process
client will be able to mess up with ODE. This also causes the
DeploymentPoller to spit out a NullPointerException later since the process
repository is no longer there. I have raised a JIRA and attached a minor
patch for preventing this. Can somebody please review this issue?

Best Regards,
Chamith
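
The following is an added example, not code from ODE or from the patch attached to the JIRA. It sketches the kind of input check that stops an empty packageName from resolving to the repository directory itself, assuming the undeploy handler resolves the name against a deployment root and deletes the result; `UndeployGuard`, `resolvePackageDir` and the sample names are hypothetical.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

// Added illustration; not ODE code. All names here are hypothetical.
public class UndeployGuard {

    /**
     * Resolves packageName to a directory that is a direct child of
     * deployRoot. Throws if the name is empty or would resolve to the
     * root itself or to any location outside it.
     */
    static Path resolvePackageDir(Path deployRoot, String packageName) throws IOException {
        if (packageName == null || packageName.trim().isEmpty()) {
            // An empty name resolved against the root yields the root itself.
            throw new IllegalArgumentException("packageName must not be empty");
        }
        Path root = deployRoot.toRealPath();
        Path target = root.resolve(packageName.trim()).normalize();
        // Direct-child test: rejects ".", "..", nested names and absolute paths.
        if (!root.equals(target.getParent())) {
            throw new IllegalArgumentException("invalid packageName: " + packageName);
        }
        return target;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample layout: a temporary root with one deployed package.
        Path root = Files.createTempDirectory("deploy-root");
        Files.createDirectory(root.resolve("HelloWorld-1"));

        // Constructed sample inputs, including the empty value from the report.
        String[] names = { "HelloWorld-1", "", "   ", ".", "..", "../other", "a/b" };
        for (String name : names) {
            try {
                Path dir = resolvePackageDir(root, name);
                System.out.println("accept [" + name + "] -> " + dir.getFileName());
            } catch (IllegalArgumentException e) {
                System.out.println("reject [" + name + "]: " + e.getMessage());
            }
        }
    }
}
```

Only a path returned by the check should ever be handed to the delete step; the caller should treat the exception as a SOAP fault rather than falling back to a default directory.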
