On Wed, Oct 3, 2018 at 12:50 PM Mark Thomas <ma...@apache.org> wrote: > CVE-2018-11784 Apache Tomcat - Open Redirect
Is it possible to get more information on the "specially crafted URL"? I'd like more information so that I can test if some of our apps are vulnerable. In addition, I'd like to verify that the value of mapperContextRootRedirectEnabled defaults to "true", so if we don't alter that value we aren't susceptible? Thanks and regards, -Mike Yoder Cloudera, Inc. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
