The viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0.18 allows remote malicious users to obtain the source code for file under the web root via the file parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
caucho technology resin 3.0.18 |
||
caucho technology resin 3.0.17 |