DO NOT REPLY [Bug 48577] vulnerability in DefaultServlet

2010-03-03 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=48577 --- Comment #3 from Konstantin Kolinko 2010-03-03 17:25:59 UTC --- Fixed in 5.5 in r918592, will be in 5.5.29 onwards.

DO NOT REPLY [Bug 48577] vulnerability in DefaultServlet

2010-02-22 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=48577

Mark Thomas changed:

What|Removed|Added
Status|NEW|RESOLVED
Resolution|

DO NOT REPLY [Bug 48577] vulnerability in DefaultServlet

2010-02-02 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=48577 --- Comment #1 from Mark Thomas 2010-02-02 10:03:23 GMT --- I wouldn't class this as a vulnerability as it requires both a bug (missing page) in the app and the app to pass on request parameters to the included page without validating them.