CVE-2019-0195

Manipulating classpath asset file URLs, an attacker could guess the path to a known file in the classpath and have it downloaded. If the attacker found the file with the value of the tapestry.hmac-passphrase configuration symbol, most probably the webapp's AppModule class, the value of this symbo...

Apache Tapestry 代码问题漏洞

Apache Tapestry is the United States Apache Apache Foundation of a Web application framework written in the Java language . Apache Tapestry has a security vulnerability that can be exploited by an attacker to download the file "AppModule.class" by requesting the URL "http: localhost: 8080 assets...