Description
Caucho Technology Resin 2.1.12 allows remote attackers to gain sensitive information and view the contents of the /WEB-INF/ directory via an HTTP request for "WEB-INF..", which is equivalent to "WEB-INF" in Windows.
Remediation
References
Related Vulnerabilities
WordPress Plugin MP3 Audio Player for Music, Radio & Podcast by Sonaar Cross-Site Scripting (3.0.1)
WordPress Plugin WordPress for Google Maps-WP MAPS Cross-Site Request Forgery (4.0.9)
WordPress Plugin WordPress Form Customizer-CF7 Customizer Cross-Site Scripting (1.6.1)
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13674)