Description
The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.
Remediation
References
Related Vulnerabilities
WordPress Plugin Quotes Collection Cross-Site Request Forgery (1.5.5.1)
MySQL Resource Management Errors Vulnerability (CVE-2010-3677)
Lighttpd Other Vulnerability (CVE-2006-0814)
Liferay Portal Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-33320)
WordPress Plugin iThemes Security (formerly Better WP Security) Security Bypass (5.3.0)