Path Traversal

Apache Tomcat servlets-webdav is vulnerable to path traversal. A remote authenticated user is able to submit absolute file paths to read arbitrary files via a WebDAV write request which specifies an entry with a SYSTEM tag...