Acunetix has detected that the web application is based on Apache Tapestry. Apache Tapestry has a vulnerability that allows an unauthenticated user to download arbitrary class files from the classpath by providing a crafted asset file URL. An attacker can use it to achieve RCE on the server.


Upgrade to the latest version of Apache Tapestry


Related Vulnerabilities