Open
Description
From chrisisbeef on December 04, 2009 20:56:45
It is possible to access restricted resources and bypass access control on
those resources on pages that use the jsp forward and include tags.
Ref: https://lists.owasp.org/pipermail/owasp-esapi/2009-December/001672.html
Original issue: http://code.google.com/p/owasp-esapi-java/issues/detail?id=71