Security My experience of vulnerability disclosure Talking about my experiences (and frustrations) of trying to responsibly disclose JolokiaPwn.
Security JolokiaPwn - Information disclosure, DoS and more in Java web servers How the popular tool Jolokia, commonly deployed in J2EE applications but also commonly misconfigured, can be used to disclose information or execute commands, often without authentication.