Hi There, I am verifying the fix that you made for CVE-2015-5345 & it appears to be not fixed. I might be doing something wrong & hence sending out this email to you. All i did was, a) Downloaded & installed the latest tomcat build 7.0.68. b) Added the following context attribute to manager webapp just for testing - File: $CATALINA_HOME\webapps\manager\META-INF\context.xml <Context mapperContextRootRedirectEnabled="false" antiResourceLocking="false" privileged="true"> c) When i access http://localhost/8080/manager/images, it still gets redirected to /images/ there by confirming the folder location. Same thing happens when accessing /manager/index.jsp too.
Am i missing anything here ? Please help me understand the exact fix for this issue. regards Harish Krishnan