Description
Important: Bypass of CSRF prevention filter CVE-2012-4431
The CSRF prevention filter could be bypassed if a request was made to a protected resource without a session identifier present in the request.
Affected Apache Tomcat versions: 7.0.0 - 7.0.31.
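The failure mode described above, as an added example that is not Tomcat's source code: a simplified model of a nonce-based CSRF check that only validates when a session exists, next to a fail-closed version. The class, method names, in-memory session store and sample values are all hypothetical and constructed for illustration.

```java
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

// Simplified model of a nonce-based CSRF filter; not Tomcat's source code.
public class CsrfNonceCheckModel {
    // sessionId -> nonces issued to that session (hypothetical in-memory store)
    static final Map<String, Set<String>> SESSIONS = new HashMap<>();
    static final SecureRandom RNG = new SecureRandom();

    static String issueNonce(String sessionId) {
        String nonce = Long.toHexString(RNG.nextLong());
        SESSIONS.computeIfAbsent(sessionId, k -> new HashSet<>()).add(nonce);
        return nonce;
    }

    // Fail-open: the nonce is only validated when a session (and its nonce set) exists.
    static boolean allowFailOpen(String sessionId, String nonce) {
        Set<String> issued = sessionId == null ? null : SESSIONS.get(sessionId);
        if (issued != null && !issued.contains(nonce)) {
            return false;
        }
        return true; // no session: the check is skipped and the request is let through
    }

    // Fail-closed: no session, no nonce, or an unknown nonce all mean rejection.
    static boolean allowFailClosed(String sessionId, String nonce) {
        Set<String> issued = sessionId == null ? null : SESSIONS.get(sessionId);
        return issued != null && nonce != null && issued.contains(nonce);
    }

    public static void main(String[] args) {
        String sid = "constructed-session-1"; // constructed sample values
        String good = issueNonce(sid);
        String[][] requests = {
            {sid, good}, {sid, "forged"}, {null, null}, {"unknown-session", "forged"}
        };
        for (String[] r : requests) {
            System.out.printf("session=%s nonce=%s failOpen=%b failClosed=%b%n",
                r[0], r[1], allowFailOpen(r[0], r[1]), allowFailClosed(r[0], r[1]));
        }
    }
}
```

The two checks agree on requests that carry a known session and differ only on the sessionless ones, which is the case to cover in a regression test for any custom CSRF filter.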
Remediation
Upgrade to the latest version of Apache Tomcat.