Description
org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2009-1995 Vulnerability (CVE-2009-1995)
WordPress Plugin NEX-Forms-Ultimate Form builder SQL Injection (3.0)
OpenSSL Other Vulnerability (CVE-2015-1790)
Django Resource Management Errors Vulnerability (CVE-2015-5963)
Joomla Deserialization of Untrusted Data Vulnerability (CVE-2019-11831)