Description
Important: Bypass of CSRF prevention filter (CVE-2012-4431)
The CSRF prevention filter could be bypassed if a request was made to a protected resource without a session identifier present in the request.
Affected Apache Tomcat versions: 7.0.0 - 7.0.31.
Remediation
Upgrade to the latest version of Apache Tomcat.