Description
The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.
Remediation
References
Related Vulnerabilities
Moodle DEPRECATED: Code Vulnerability (CVE-2015-2270)
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-5113)
Oracle JRE CVE-2020-2800 Vulnerability (CVE-2020-2800)
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-9937)
WordPress Plugin Csv Import-Export Multiple Cross-Site Scripting Vulnerabilities (1.1.0)