Oops. It's private... Please ignore ;) On 9 Jun 2014 09:31, "Lance Java" <lance.j...@googlemail.com> wrote:
> FYI - This app seems to have a security hole. Index.java has an action > which accepts a file path and serves a file from the classpath. > > I could use this to access .class files etc. Perhaps even your hibernate > cfg file with username password. >
