Description
Caucho Technology Resin 2.1.12 allows remote attackers to gain sensitive information and view the contents of the /WEB-INF/ directory via an HTTP request for "WEB-INF..", which is equivalent to "WEB-INF" in Windows.
Remediation
References
Related Vulnerabilities
WordPress Plugin HK Exif Tags Cross-Site Scripting (1.11)
WordPress Plugin Duplicate Post SQL Injection (1.1.9)
WordPress Plugin Sniplets Multiple Input Validation Vulnerabilities (1.2.2)
WordPress Plugin Magic Post Voice Cross-Site Scripting (1.2)
Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-7912)