https://bugzilla.redhat.com/show_bug.cgi?id=1390520
--- Doc Text *updated* by Timothy Walsh <twalsh(a)redhat.com> ---
It was discovered that when a SecurityManager is configured Tomcat's system property
replacement feature for configuration files could be used by a malicious web application
to bypass the SecurityManager and read system properties that should not be visible.
--
You are receiving this mail because:
You are on the CC list for the bug.