Description
Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply.
Remediation
References
Related Vulnerabilities
Internet Information Services Other Vulnerability (CVE-1999-1537)
WordPress Plugin Event Tickets CSV Injection (4.10.7.1)
WordPress Plugin WP SMS Cross-Site Scripting (5.4.12)
MySQL CVE-2020-14860 Vulnerability (CVE-2020-14860)
Joomla Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2011-4912)