Description

Caucho Technology Resin 2.1.12 allows remote attackers to gain sensitive information and view the contents of the /WEB-INF/ directory via an HTTP request for "WEB-INF..", which is equivalent to "WEB-INF" in Windows.

Remediation

References

CVE-2004-0281

Related Vulnerabilities

WordPress Plugin MP3 Audio Player for Music, Radio & Podcast by Sonaar Cross-Site Scripting (3.0.1)

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14169)

WordPress Plugin WordPress for Google Maps-WP MAPS Cross-Site Request Forgery (4.0.9)

WordPress Plugin WordPress Form Customizer-CF7 Customizer Cross-Site Scripting (1.6.1)

Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13674)

Severity

Medium

Classification

CVE-2004-0281

Tags

Missing Update Known Vulnerabilities