Details
-
Bug
-
Resolution: Fixed
-
Medium
-
None
-
None
-
Severity 3 - Minor
-
Description
There is an arbitrary resource forwarding vulnerability in TotalityFilter. The vulnerability can be triggered via the JsonRewrite class, and can lead to execution of arbitrary JSP files or downloading configuration files under the WEB-INF.