https://bz.apache.org/bugzilla/show_bug.cgi?id=62844
--- Comment #5 from Remy Maucherat <r...@apache.org> --- Yes, obvious security concerns should always be discussed on the security mailing list. At this time, the CGI servlet treats as CGI any mapped path. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org