Lucene search
+L

246 matches found

F5 Networks
F5 Networks
added 2023/08/29 11:42 a.m.35 views

K000136011: Apache Tomcat Open Redirect vulnerability CVE-2023-41080

Security Advisory Description URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.9...

6.1CVSS7.5AI score0.05972EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/08/29 2:9 a.m.6 views

SUSE CVE-2023-41080

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may als...

6.5CVSS7.5AI score0.05972EPSS
Exploits0References7
CNVD
CNVD
added 2023/08/29 12:0 a.m.66 views

Apache Tomcat Open Redirect Vulnerability (CNVD-2023-80565)

Apache Tomcat is the United States Apache Apache Foundation of a lightweight Web application server. The program implements the Servlet and JavaServer Page JSP support. An open redirection vulnerability exists in Apache Tomcat, which stems from the FORM authentication feature not handling target...

6.1CVSS6.6AI score0.05972EPSS
Exploits0References1
NCSC
NCSC
added 2023/08/28 12:0 a.m.4 views

Vulnerability fixed in Apache Tomcat

Apache Foundation has fixed a vulnerability in Tomcat. The vulnerability is in the way authentication via FORM is implemented and allows a malicious party to execute an open redirect. This can lead to Cross-Site Scripting Attacks. Such an attack can lead to execution of arbitrary code in the...

6.1CVSS8.6AI score0.05972EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2023/08/25 9:30 p.m.163 views

Apache Tomcat Open Redirect vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may als...

6.1CVSS7.7AI score0.05972EPSS
Exploits0References11Affected Software3
NVD
NVD
added 2023/08/25 9:15 p.m.28 views

CVE-2023-41080

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may als...

6.1CVSS7AI score0.05972EPSS
Exploits0References5
OSV
OSV
added 2023/08/25 9:15 p.m.1 views

DEBIAN-CVE-2023-41080

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may als...

6.1CVSS7AI score0.05972EPSS
Exploits0References1
Prion
Prion
added 2023/08/25 9:15 p.m.108 views

Open redirect

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. The vulnerability is limite...

5.8CVSS6.3AI score0.05972EPSS
Exploits0References5Affected Software2
UbuntuCve
UbuntuCve
added 2023/08/25 9:15 p.m.45 views

CVE-2023-41080

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may als...

6.1CVSS6.8AI score0.05972EPSS
Exploits0References5
OSV
OSV
added 2023/08/25 9:15 p.m.3 views

UBUNTU-CVE-2023-41080

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may als...

6.1CVSS6.8AI score0.05972EPSS
Exploits0References6
Cvelist
Cvelist
added 2023/08/25 8:39 p.m.52 views

CVE-2023-41080 Apache Tomcat: Open redirect with FORM authentication

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may als...

6.8AI score0.05972EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/25 8:39 p.m.15 views

CVE-2023-41080 Apache Tomcat: Open redirect with FORM authentication

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may als...

7.8AI score0.05972EPSS
Exploits0References1
OSV
OSV
added 2023/08/25 8:39 p.m.32 views

CVE-2023-41080 Apache Tomcat: Open redirect with FORM authentication

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may als...

6.1CVSS6.7AI score0.05972EPSS
Exploits0References7
Apache Tomcat
Apache Tomcat
added 2023/08/25 12:0 a.m.241 views

Fixed in Apache Tomcat 8.5.93

Moderate: Open redirect CVE-2023-41080 If the ROOT default web application is configured to use FORM authentication then it is possible that a specially crafted URL could be used to trigger a redirect to an URL of the attackers choice. This was fixed with commit 4998ad74. This issue was reported ...

6.1CVSS6.6AI score0.05972EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2023/08/25 12:0 a.m.3 views

Apache Tomcat 输入验证错误漏洞

Apache Tomcat is the United States Apache Apache Foundation of a lightweight Web application server. The program implements the Servlet and JavaServer Page JSP support. An open redirection vulnerability exists in Apache Tomcat, which stems from the FORM authentication feature not handling target...

6.1CVSS6.8AI score0.05972EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2023/08/25 12:0 a.m.46 views

Apache Tomcat 8.5.0 < 8.5.93

The version of Tomcat installed on the remote host is prior to 8.5.93. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat8.5.93security-8 advisory. - URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.Th...

6.1CVSS7.2AI score0.05972EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/08/25 12:0 a.m.148 views

Apache Tomcat 9.0.0.M1 < 9.0.80

The version of Tomcat installed on the remote host is prior to 9.0.80. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.80security-9 advisory. - URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.Th...

6.1CVSS7.2AI score0.05972EPSS
Exploits0References3
Apache Tomcat
Apache Tomcat
added 2023/08/25 12:0 a.m.138 views

Fixed in Apache Tomcat 10.1.13

Moderate: Open redirect CVE-2023-41080 If the ROOT default web application is configured to use FORM authentication then it is possible that a specially crafted URL could be used to trigger a redirect to an URL of the attackers choice. This was fixed with commit bb4624a9. This issue was reported ...

6.1CVSS6.6AI score0.05972EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2023/08/25 12:0 a.m.8 views

PT-2023-4582

Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 8.5.0 through 8.5.92 Apache Tomcat versions 9.0.0-M1 through 9.0.79 Apache Tomcat versions 10.1.0-M1 through 10.0.12 Apache Tomcat versions 11.0.0-M1 through 11.0.0-M10 Description The issue is related to a URL redirecti...

10CVSS8.7AI score0.99999EPSS
Exploits192References173
Tenable Nessus
Tenable Nessus
added 2023/05/17 12:0 a.m.67 views

Amazon Linux 2 : tomcat (ALAS-2023-2047)

The version of tomcat installed on the remote host is prior to 7.0.76-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2047 advisory. A privilege escalation flaw was found in Tomcat when the JMX Remote Lifecycle Listener was enabled. A local attacker...

7.5CVSS7AI score0.87553EPSS
Exploits1References8
Rows per page
Query Builder