Hi,
We are currently using Resin3.0.25 and we could not pass PCI Compliance
scan due to the following problem (The message below is taken from the
scan results):
---
Synopsis : The remote web server contains a Java Servlet that is
affected by a cross-site scripting vulnerability.
Why is resin-doc deployed to the production environment? That sounds
like a mistake, not something to patch or secure.
--
Serge Knystautas
PrestoSports
On Apr 6, 2009, at 6:23 PM, Durmus, Emre durm...@teoco.com wrote:
Hi,
We are currently using Resin3.0.25 and we could not pass PCI
for the Resin application server
Subject: Re: [Resin-interest] resin xss issue
Why is resin-doc deployed to the production environment? That sounds
like a mistake, not something to patch or secure.
--
Serge Knystautas
PrestoSports
On Apr 6, 2009, at 6:23 PM, Durmus, Emre durm...@teoco.com wrote