Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2005-4836 - Vulnerability Database
Apache Tomcat

Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2005-4836

High
Reference: CVE-2005-4836
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2005-4836
Title: Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured which allows remote attackers to read JSP source files and obtain sensitive information.