Caucho Technology Resin 2.1.12 allows remote attackers to view JSP source via an HTTP request to a .jsp file that ends in a "%20" (encoded space character), e.g. index.jsp%20.

Threat-Mapped Scoring

Score: 1.8

Priority: P4 - Informational (Low)

• S9 – Sabotage of System/App

EPSS

Score: 0.00462
Percentile: 0.63229

CVSS Scoring

Affected Products

• cpe:2.3:a:caucho_technology:resin:2.1.12:*:*:*:*:*:*:*

← Back to Home