CVE-2006-3936
Alkacon OpenCms is affected by a JSP source disclosure in system/workplace/editors/editor.jsp prior to version 6.2.2. The vulnerability allows an authenticated user to read the source code of arbitrary JSP files by supplying the file path via the resource parameter (demonstrated with index.jsp). ...