Description
org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.
Remediation
References
Related Vulnerabilities
WordPress Plugin Weather Effect-Christmas Santa Snow Falling Cross-Site Scripting (1.3.5)
WordPress Plugin UpdraftPlus WordPress Backup Security Bypass (1.9.50)
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.13)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1454)