Description
Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a servlet without following security constraints that have been configured through annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088, CVE-2011-1183, and CVE-2011-1419.
Remediation
References
Related Vulnerabilities
WordPress Plugin WooCommerce Possible Remote Code Execution (3.4.5)
Nginx Out-of-bounds Read Vulnerability (CVE-2023-27727)
WordPress Plugin Events Registration with PayPal IPN Multiple SQL Injection Vulnerabilities (2.1.2)
WordPress Plugin Gravity Forms HubSpot Cross-Site Scripting (1.0.8)
WordPress Plugin Amelia-Events & Appointments Booking Calendar Cross-Site Scripting (1.0.46)