246 matches found
K000136011: Apache Tomcat Open Redirect vulnerability CVE-2023-41080
Security Advisory Description URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.9...
SUSE CVE-2023-41080
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may als...
Apache Tomcat Open Redirect Vulnerability (CNVD-2023-80565)
Apache Tomcat is the United States Apache Apache Foundation of a lightweight Web application server. The program implements the Servlet and JavaServer Page JSP support. An open redirection vulnerability exists in Apache Tomcat, which stems from the FORM authentication feature not handling target...
Vulnerability fixed in Apache Tomcat
Apache Foundation has fixed a vulnerability in Tomcat. The vulnerability is in the way authentication via FORM is implemented and allows a malicious party to execute an open redirect. This can lead to Cross-Site Scripting Attacks. Such an attack can lead to execution of arbitrary code in the...
Apache Tomcat Open Redirect vulnerability
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may als...
CVE-2023-41080
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may als...
DEBIAN-CVE-2023-41080
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may als...
Open redirect
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. The vulnerability is limite...
CVE-2023-41080
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may als...
UBUNTU-CVE-2023-41080
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may als...
CVE-2023-41080 Apache Tomcat: Open redirect with FORM authentication
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may als...
CVE-2023-41080 Apache Tomcat: Open redirect with FORM authentication
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may als...
CVE-2023-41080 Apache Tomcat: Open redirect with FORM authentication
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may als...
Fixed in Apache Tomcat 8.5.93
Moderate: Open redirect CVE-2023-41080 If the ROOT default web application is configured to use FORM authentication then it is possible that a specially crafted URL could be used to trigger a redirect to an URL of the attackers choice. This was fixed with commit 4998ad74. This issue was reported ...
Apache Tomcat 输入验证错误漏洞
Apache Tomcat is the United States Apache Apache Foundation of a lightweight Web application server. The program implements the Servlet and JavaServer Page JSP support. An open redirection vulnerability exists in Apache Tomcat, which stems from the FORM authentication feature not handling target...
Apache Tomcat 8.5.0 < 8.5.93
The version of Tomcat installed on the remote host is prior to 8.5.93. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat8.5.93security-8 advisory. - URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.Th...
Apache Tomcat 9.0.0.M1 < 9.0.80
The version of Tomcat installed on the remote host is prior to 9.0.80. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.80security-9 advisory. - URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.Th...
Fixed in Apache Tomcat 10.1.13
Moderate: Open redirect CVE-2023-41080 If the ROOT default web application is configured to use FORM authentication then it is possible that a specially crafted URL could be used to trigger a redirect to an URL of the attackers choice. This was fixed with commit bb4624a9. This issue was reported ...
PT-2023-4582
Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 8.5.0 through 8.5.92 Apache Tomcat versions 9.0.0-M1 through 9.0.79 Apache Tomcat versions 10.1.0-M1 through 10.0.12 Apache Tomcat versions 11.0.0-M1 through 11.0.0-M10 Description The issue is related to a URL redirecti...
Amazon Linux 2 : tomcat (ALAS-2023-2047)
The version of tomcat installed on the remote host is prior to 7.0.76-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2047 advisory. A privilege escalation flaw was found in Tomcat when the JMX Remote Lifecycle Listener was enabled. A local attacker...