source: https://www.securityfocus.com/bid/5517/info A path disclosure vulnerability has been reported in Mozilla Bonsai. An attacker can exploit this vulnerability by making a malformed request to Bonsai. This causes Bonsai to return an error page to the requesting user. This error page will contain the absolute path information about the requested file. /bonsai/cvsview2.cgi /bonsai/multidiff.cgi