5 matches found
'/WEB-INF/' Information Disclosure Vulnerability (HTTP)
Various application or web servers / products are prone to an information disclosure vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Update: CVE-2014-0053 Information Disclosure when using Grails
CVE-2014-0053 Information Disclosure in Grails applications Severity: Important Vendor: Grails by Pivotal Product Affected: - Grails Resources plugin 1.0.0 to 1.2.5 Products known to depend on the affected product: - Grails 2.0.0 to 2.3.6 Description: The Grails resources plug-in, a default...
Default configuration
The default configuration of the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 does not properly restrict access to files in the META-INF directory, which allows remote attackers to obtain sensitive information via a direct request. NOTE: this issue was SPLIT from...
CVE-2014-0053
The default configuration of the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 before 2.3.6 does not properly restrict access to files in the WEB-INF directory, which allows remote attackers to obtain sensitive information via a direct request. NOTE: this identifier has been SPLIT...
CVE-2014-0053
CVE-2014-0053 affects Grails Resources plugin (versions 1.0.0–1.2.5) used with Grails 2.0.0–2.3.6. The default configuration fails to restrict access to files under /WEB-INF (and, per related entries, /META-INF) by default, enabling information disclosure via direct requests. The root cause inclu...