edit-icon download-icon

[Vulnerability notice] Java web.xml information leakage vulnerability

Last Updated: May 07, 2018

Description

The web.xml of Java applications is located in the WEB-INF directory. However, the WEB-INF directory may be accessed by external users because of improper configuration, resulting in the leakage of configuration information.

Fix

Re-configure the permissions for the WEB-INF directory.

Note: Take a backup before making any changes, or create a hard disk snapshot for ECS.

Thank you! We've received your feedback.