Description
Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist, such as lpt9, which leaks the information in an error message.
Remediation
References
Related Vulnerabilities
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3220)
WordPress Plugin iThemes Security (formerly Better WP Security) Information Disclosure (5.1.1)
WordPress Plugin WordPress Slider Block Gutenslider Cross-Site Scripting (5.1.5)
Atlassian Jira CVE-2019-20402 Vulnerability (CVE-2019-20402)