Caucho Technology Resin Cross-Site Scripting Vulnerability

Resin is a commercial "fast" webserver which offers full JSP support.

Resin does not filter script embedding from user-submitted links that are displayed on the server's websites. A malicious webmaster can exploit this vulnerability to cause JavaScript commands or embedded scripts to be executed by any user who clicks on the hyper-link.


 

Privacy Statement
Copyright 2010, SecurityFocus