Description
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability than CVE-2011-1184.
Remediation
References
Related Vulnerabilities
WordPress Plugin Custom Metas Cross-Site Scripting (1.5.1)
Oracle Database Server CVE-2019-2571 Vulnerability (CVE-2019-2571)
WordPress Plugin DVS Custom Notification Multiple Cross-Site Request Forgery Vulnerabilities (1.0.1)
WordPress Plugin Responsive Slider-Image Slider-Slideshow for WordPress SQL Injection (2.6.8)