Anyone know how serious this is?
Lol.
If you're affected by XSS, then you have a problem (no site in the world deserves any privilege: *all* need javascript blocking these days).
It also appears to affect Tomcat 4.1.27 when using mod_jk as well. Below is a sample trace of a HTTP session.
Remy
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]