Summary
IBM's HTTP Server on the AS/400 platform is vulnerable to an attack that will show the source code of the page -- such as an .html or .jsp page -- by attaching an '/' to the end of a URL.
Example:
http://www.example.com/getsource.jsp/
Solution
Not yet
Severity
Classification
-
CVSS Base Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe BlazeDS XML and XML External Entity Injection Vulnerabilities
- APC PowerChute Network Shutdown HTTP Response Splitting Vulnerability
- Apache ActiveMQ Persistent Cross-Site Scripting Vulnerability
- Aker Secure Mail Gateway Cross-Site Scripting Vulnerability
- Apache Tomcat TroubleShooter Servlet Installed