|
Apache Tomcat Invoker Servlet File Disclosure Vulnerability
An information-disclosure vulnerability has been reported to reside in Apache Tomcat. The vulnerability allows an attacker to cause Tomcat to return the unprocessed source of a JSP page or, in certain circumstances, a resource that would otherwise have been secured. The vulnerability occurs when using the invoker servlet in conjunction with the default servlet. NOTE: This issue is a variant of the vulnerability described in BID 5786. |
|
|
Privacy Statement |
