Description
Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a servlet without following security constraints that have been configured through annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088, CVE-2011-1183, and CVE-2011-1419.
Remediation
References
Related Vulnerabilities
WordPress Plugin Forym-Modern Discussion Forum for Wordpress-Forums Cross-Site Scripting (1.5.8)
LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-1000658)
WordPress Plugin WP Job Manager Cross-Site Request Forgery (1.25.2)
WordPress 2.0.5 Cross-Site Scripting Vulnerability (0.6.2 - 2.0.5)
SharePoint Out-of-bounds Write Vulnerability (CVE-2012-2539)