Description
The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote attackers to bypass intended authentication requirements via HTTP requests.
Remediation
References
Related Vulnerabilities
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-7853)
PHP Other Vulnerability (CVE-2007-0448)
WordPress Plugin Vertical News Scroller Cross-Site Scripting (1.9)
Oracle JRE CVE-2022-21283 Vulnerability (CVE-2022-21283)
WordPress Plugin Download Plugin Arbitrary Directory Download (1.0.1)