Description
Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file.
Remediation
References
Related Vulnerabilities
WordPress Plugin Appointment Booking Calendar Cross-Site Scripting (1.3.34)
WordPress Plugin WP RSS Multi Importer Multiple Vulnerabilities (3.15)
WordPress Plugin Tune Library SQL Injection (1.5.4)
WordPress Plugin WordPress Photo Gallery by Gallery Bank Unspecified Vulnerability (3.1.26)
Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-7913)