Description
java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other applications in opportunistic circumstances via an application that records the requests that it processes.
Remediation
References
Related Vulnerabilities
WordPress Plugin Daily Prayer Time SQL Injection (2022.02.28)
Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.23)
WordPress Other Vulnerability (CVE-2006-1796)
Oracle JRE CVE-2012-5087 Vulnerability (CVE-2012-5087)
WordPress Plugin Image Optimizer, Resizer and CDN-Sirv Cross-Site Scripting (6.8.0)