https://issues.apache.org/bugzilla/show_bug.cgi?id=51698

--- Comment #3 from Edward Quick <edwardqu...@hotmail.com> 2011-09-02 10:35:50 
UTC ---
Hi there, I was testing this out to see if my site was vulnerable and got the
following results. I'm not sure looking at the code comments in
ForwardRequestForgeryExample.java if the output below means it's vulnerable and
what exactly that exploited. Could you help me out a bit please?

Thanks,
Ed.

C:>java -cp . ForwardRequestForgeryExample
Sending AJP Forward-Request Packet...
End

$ tail -f catalina.out
Invoke HelloWorldExample.doPost method:
-------------------------------------------
Host: my.evil-site.com
RemoteAddr: 1.2.3.4
LocalPort: 999
woo: I am here

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to