1 Reply Latest reply on Dec 4, 2001 1:39 PM by starksm64

cookie security hole

jimboj Dec 4, 2001 4:14 AM

Hi there,

I just wanted to make someone at JBoss aware of this cookie security hole posted on the server side recently. Not sure if it includes JBoss or if it has been addressed, but better to be safe than sorry

http://www.infoworld.com/articles/hn/xml/01/12/03/011203hnjavahole.xml

Cheers

J

1. Re: cookie security hole

starksm64 Dec 4, 2001 1:39 PM (in response to jimboj)

This only applies to servlet containers based on Sun's now quite old JWS 1.1. JBoss uses third party servlet containers like Tomcat and Jetty that do not have this problem.
Actions