Description
The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
Remediation
References
Related Vulnerabilities
Jetty Improper Neutralization of Quoting Syntax Vulnerability (CVE-2023-36479)
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.30)
WordPress Plugin SMTP Mail Cross-Site Scripting (1.3.1)
WordPress Plugin Highlight Cross-Site Scripting (0.9.2)
WordPress Plugin WP Customer Reviews Cross-Site Scripting (3.5.5)