CVE-2000-1050

Name of the Vulnerable Software and Affected Versions Allaire JRun version 3.0

Description The issue allows remote attackers to directly access the WEB-INF directory by making a URL request with an extra "/" at the beginning. This is related to the "extra leading slash" in the request.

Recommendations For Allaire JRun version 3.0, consider restricting access to the WEB-INF directory to prevent unauthorized access until a patch is available.