Hi all, Is there any workaround for the recently announced exploit that exposes directory listings using tomcat? exploits: http://target:8080/%2e%2e/%2e%2e/%00.jsp It is possible to cause the Tomcat server to Listing outside the document root directory scope. I do not use JSP, so if disabling JSP support in Tomcat is the answer, can I do that? If so how? Thanks, Bill