Description
The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote authenticated users to bypass intended SecurityManager restrictions and read or write to arbitrary application data, or cause a denial of service (application disruption), via a web application that sets a crafted global context.
Remediation
References
Related Vulnerabilities
Atlassian Confluence Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-22504)
WordPress Plugin WebLibrarian Cross-Site Scripting (3.4.8.6)
SharePoint CVE-2021-27076 Vulnerability (CVE-2021-27076)
WordPress Plugin WordPress Download Manager 'cid' Parameter Cross-Site Scripting (2.2.2)