![Permalink for '[SECURITY] CVE-2011-4367 Apache MyFaces information disclosure vulnerability'](/themes/lilina/web//media/mark_on.gif)
Posted by Leonardo Uribe on Feb 09
--------------------------------------------------------------------------------------------------CVE-2011-4367: Apache MyFaces information disclosure vulnerability
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
MyFaces Core 2.0.1 to 2.0.11
MyFaces Core 2.1.0 to 2.1.5
Earlier versions are not affected
Description:
MyFaces JavaServer Faces (JSF) allows relative paths in the...