IBM WebSphere JSP Engine Source Disclosure
Medium Nessus Network Monitor Plugin ID 2612
SynopsisThe remote host is vulnerable to a flaw that allows attackers to retrieve sensitive files or data.
DescriptionThe remote WebSphere web server is vulnerable to an information leak. There is a flaw in the JSP engine that would allow a remote attacker to view the source code of any of the web server scripts. An attacker exploiting this flaw would only need to be able to send HTTP requests to the web server.
SolutionUpgrade or patch according to vendor recommendations.