Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do.
Max CVSS
5.0
EPSS Score
87.71%
Published
2006-07-25
Updated
2019-03-25
1 vulnerabilities found