Description
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in the FORM authentication feature of Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. The vulnerability is limited to the ROOT (default) web application.
Remediation
References
Related Vulnerabilities
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-6660)
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-17858)
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-31552)
Atlassian Jira CVE-2020-29451 Vulnerability (CVE-2020-29451)
WordPress Plugin iThemes Exchange:Simple WP Ecommerce Cross-Site Scripting (1.11.18)