https://bz.apache.org/bugzilla/show_bug.cgi?id=62844
Remy Maucherat <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |INVALID OS| |All --- Comment #3 from Remy Maucherat <[email protected]> --- You MUST report potential security issues to security @ tomcat.apache.org, never in a public BZ. There is no vulnerability here however, the CGI servlet does not do anything with the path suffix (or file extension), if will simply attempt to execute any path mapped to it. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
