Remote Code Disclosure in Caucho Technology Resin 2.1.12 via Encoded Space Character in JSP File Name

CVE-2004-0280 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Caucho Technology Resin 2.1.12 allows remote attackers to view JSP source via an HTTP request to a .jsp file that ends in a "%20" (encoded space character), e.g. index.jsp%20.

Learn more about our Web Application Penetration Testing UK.