2005-07-14 04:00:00
mitre
PUBLISHED
Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3)