Description
Caucho Technology Resin 2.1.12 allows remote attackers to gain sensitive information and view the contents of the /WEB-INF/ directory via an HTTP request for "WEB-INF..", which is equivalent to "WEB-INF" in Windows.
Remediation
References
Related Vulnerabilities
WordPress Plugin Embed PDF Cross-Site Scripting (1.0.6)
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-7233)
Nexus Repository Manager Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-11415)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1591)
Jboss EAP Inadequate Encryption Strength Vulnerability (CVE-2014-0224)