Caucho Resin UTF-7 Cross-Site Scripting Vulnerability

Posted by Trancer on Oct 05 2008

CauchoSecurity Advisory for Caucho Resin Application Server version 3.2 and below.
Vulnerabilities found:

  • UTF-7 Cross-Site Scripting

PDF Format PDF version.
TXT Format TXT version.

This actually mean that every web application hosted on a Caucho Resin application server is vulnerable to Cross-Site Scripting… If you have one, I seriously recommend you patch your server :-)

References:
Caucho Resin 3.2.1 Release Notes
Caucho bug ID 2965

Categories: Advisories

Share this on Facebook Share this on Twitter Digg thisShare this on redditShare this on LinkedInStumbleupon itDelicious
0 Comments | Comments RSS feedComments RSS | TrackBack URLTrackBack URL

Leave a Reply
Follow Recognize-Security on Twitter