Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Apache Tomcat Improper Handling of Case Sensitivity Vulnerability (CVE-2026-43513)

Description

Improper Handling of Case Sensitivity vulnerability in LockOutRealm in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Older unsupported versions may also be affected. Users are recommended to upgrade to version 11.0.22, 10.1.55 or 9.0.118 which fix the issue.

Remediation

References

Related Vulnerabilities

WordPress Plugin Content Blocks (Custom Post Widget) Cross-Site Scripting (3.0)

WordPress Plugin Bold Page Builder PHP Object Injection (3.1.5)

phpMyAdmin Cryptographic Issues Vulnerability (CVE-2015-3903)

WordPress 4.4.x Arbitrary File Deletion Vulnerability (4.4 - 4.4.15)

WordPress Plugin Auto Publish for Google My Business Cross-Site Scripting (3.3)

Severity

High

Classification

CVE-2026-43513 CWE-178 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities