PT-2024-2115 · Fortinet · Fortiproxy +1

Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 6.2.0 through 6.2.15 Fortinet FortiOS versions 6.4.0 through 6.4.14 Fortinet FortiOS versions 7.0.0 through 7.0.12 Fortinet FortiOS versions 7.2.0 through 7.2.5 Fortinet FortiOS versions 7.4.0 through 7.4.1 FortiProx...

ALSA-2024:0474 Moderate: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Open Redirect vulnerability in FORM authentication CVE-2023-41080 tomcat: FileUpload: DoS due to accumulation of temporary files on Windows CVE-2023-42794 tomcat: improper...

tomcat: Open Redirect vulnerability in FORM authentication

A flaw was found in Apache Tomcat if the default web application is configured with FormAuthenticator. This issue allows a specially crafted URL to trigger a redirect to an arbitrary URL...

Moderate: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Open Redirect vulnerability in FORM authentication CVE-2023-41080 tomcat: FileUpload: DoS due to accumulation of temporary files on Windows CVE-2023-42794 tomcat: improper...

Open Redirect

Apache Shiro is vulnerable to Open Redirect. The vulnerability is due to improper sanitization and validation on URL redirection when form authentication is used. This issue can be exploited by an attacker to redirect user to untrusted sites...

Open redirect in Apache Shiro

URL Redirection to Untrusted Site 'Open Redirect' vulnerability when "form" authentication is used in Apache Shiro. Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+...

DEBIAN-CVE-2023-46750

URL Redirection to Untrusted Site 'Open Redirect' vulnerability when "form" authentication is used in Apache Shiro. Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+...

UBUNTU-CVE-2023-46750

URL Redirection to Untrusted Site 'Open Redirect' vulnerability when "form" authentication is used in Apache Shiro. Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+...

CVE-2023-46750 Apache Shiro: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Shiro.

URL Redirection to Untrusted Site 'Open Redirect' vulnerability when "form" authentication is used in Apache Shiro. Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+...

CVE-2023-46750 Apache Shiro: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Shiro.

URL Redirection to Untrusted Site 'Open Redirect' vulnerability when "form" authentication is used in Apache Shiro. Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+...

PT-2023-30183 · Apache +3 · Apache Shiro +3

Name of the Vulnerable Software and Affected Versions: Apache Shiro versions prior to 1.13.0 Apache Shiro versions 2.0.0-alpha-1 through 2.0.0-alpha-3 Description: The issue is related to a URL Redirection to Untrusted Site 'Open Redirect' vulnerability when "form" authentication is used in Apach...

CVE-2023-41699 Payara Platform: URL Redirection to untrusted site using FORM authentication

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Payara Platform Payara Server, Micro and Embedded Servlet Implementation modules allows Redirect Access to Libraries.This issue affects Payara Server, Micro and Embedded: from 5.0.0 before 5.57.0, from 4.1.2.191 before 4.1.2.191.4...

VulnCheck KEV: CVE-2022-34305

In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability...

tomcat: Open Redirect vulnerability in FORM authentication

A flaw was found in Apache Tomcat if the default web application is configured with FormAuthenticator. This issue allows a specially crafted URL to trigger a redirect to an arbitrary URL...

[SECURITY] [DLA 3617-1] tomcat9 security update

Debian LTS Advisory DLA-3617-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany October 13, 2023 https://wiki.debian.org/LTS Package : tomcat9 Version : 9.0.31-1deb10u9 CVE ID : CVE-2023-24998 CVE-2023-41080 CVE-2023-42795 CVE-2023-44487 CVE-2023-45648 Several...

SUSE SLES12 Security Update : tomcat (SUSE-SU-2023:3987-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3987-1 advisory. - URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache...

SUSE-SU-2023:3987-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2023-41080: Fixed URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature bsc1214666...

Amazon Linux 2 : tomcat (ALASTOMCAT8.5-2023-015)

The version of tomcat installed on the remote host is prior to 8.5.93-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2TOMCAT8.5-2023-015 advisory. URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue...

Medium: tomcat

Issue Overview: URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. The...

OESA-2023-1632 tomcat security update

The Apache Tomcat software is developed in an open and participatory environment and released under the Apache License version 2. The Apache Tomcat project is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open developmen...