Description
Caucho Technology Resin 2.1.12 allows remote attackers to gain sensitive information and view the contents of the /WEB-INF/ directory via an HTTP request for "WEB-INF..", which is equivalent to "WEB-INF" in Windows.
Remediation
References
Related Vulnerabilities
Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2017-1000355)
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-0198)
Oracle Database Server Other Vulnerability (CVE-2006-3700)
WordPress Plugin Easy WP SMTP PHP Object Injection (1.3.9)
WordPress Plugin Add Any Extension to Pages Cross-Site Scripting (1.3)