The Undertow module of WildFly 9.x before 9.0.0.CR2 and 10.x before 10.0.0.Alpha1 allows remote attackers to obtain the source code of a JSP page via a "/" at the end of a URL.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| org.wildfly:wildfly-parent(Maven) | 8.1.0.Final | 9.0.0.CR2 | N/A |
CVSS Metrics
