Caucho Technology: >> Resin >> 1.2 Security Vulnerabilities
Caucho Resin 1.3b1 and earlier allows remote attackers to read source code for Javabean files by inserting a .jsp before the WEB-INF specifier in an HTTP request.
CVSS Score
5.0
EPSS Score
0.031
Published
2001-06-18
Caucho Technology Resin 1.2 and possibly earlier allows remote attackers to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name, such as (1) "..", (2) "%2e..", (3) "%81", (4) "%82", and others.
CVSS Score
5.0
EPSS Score
0.046
Published
2000-11-23