Description
When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request.
Remediation
References
Related Vulnerabilities
WordPress Plugin Bannerlid Cross-Site Scripting (1.1.0)
Apache Tomcat version older than 6.0.14
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0046)
phpList Incorrect Comparison Vulnerability (CVE-2020-23361)
WordPress Plugin Click to Call or Chat Buttons Cross-Site Scripting (1.4.0)