https://issues.apache.org/bugzilla/show_bug.cgi?id=48577
--- Comment #1 from Mark Thomas <ma...@apache.org> 2010-02-02 10:03:23 GMT --- I wouldn't class this as a vulnerability as it requires both a bug (missing page) in the app and the app to pass on request parameters to the included page without validating them. Regardless, I have added HTML filtering so the output isn't corrupted. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
