comment2.jse in ScriptEase:WebServer allows remote attackers to read arbitrary files by specifying the target file as an argument in the URL.Referenceshttp://marc.info/?l=bugtraq&m=101465709621105&w=2
