CVE-2005-4833
The affected product is IBM WebSphere Application Server 6.0 prior to 20050201, vulnerable when serving pages in an Application WAR or an Extended Document Root. The root cause is lack of URL normalization, allowing remote attackers to access the JSP source code and other sensitive information vi...