IBM WebSphere Application Server (WAS) 6.0 prior to 20050201, when serving pages in an Application WAR or an Extended Document Root, allows remote malicious users to obtain the JSP source code and other sensitive information via "a specific JSP URL," related to lack of normalization of the URL format.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere application server 6.0 |