10 lines
No EOL
620 B
Text
10 lines
No EOL
620 B
Text
source: https://www.securityfocus.com/bid/13160/info
|
|
|
|
A remote JSP source disclosure vulnerability reportedly affects the IBM WebSphere Application Server. This issue is due to a failure of the application to properly handle various requests under certain circumstances.
|
|
|
|
It should be noted that this issue only arises when the Web serve and application server root directories reside in the same location; this is not the default configuration.
|
|
|
|
An attacker may leverage this issue to disclose JSP source code, facilitating code theft as well as potential further attacks.
|
|
|
|
GET /index.jsp HTTP/1.0
|
|
Host: NonExistentHost |