

Redhat enterprise_linux_workstation 7.
Oracle communications_application_session_controller 3.8.0.
Oracle communications_application_session_controller 3.7.1.

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attacker's choice.

Currently, we are using Tomcat 6.0.32/Java 1.626 and Tomcat 7.0.21/java 1.627 running on RHEL 5.11.

Each vulnerability is given a security impact rating by the Apache Tomcat security team. Please note that this rating may vary from platform to platform.
Upon clicking the link, an authenticated user's browser session could be redirected to a malicious site that is designed to impersonate a legitimate website, leading to a spoofing vulnerability.

This page lists all security vulnerabilities fixed in released versions of Apache Tomcat 7.x.

Apache: Tags: apache webserver server tomcat: Date: Sep 25, 2013: Files: pom (433 bytes) zip (8.

HTTP: Apache Tomcat Default Servlet Open Redirect

An open redirect vulnerability has been reported in Apache Tomcat. This is due to insufficient sanitization of crafted URLs.
