4.0.37

DATE	CVE	VULNERABILITY TITLE	RISK
2014-07-26	CVE-2014-2966	Improper Input Validation vulnerability in Caucho Resin The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not properly perform Unicode transformations, which allows remote attackers to bypass intended text restrictions via crafted characters, as demonstrated by bypassing an XSS protection mechanism. network low complexity caucho CWE-20	5.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.