Apache Tomcat CVE-2017-12616 Information Disclosure Vulnerability
Description
When using a VirtualDirContext it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request.
Affected Applications
Apache Tomcat