Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

RedHat Linux
RedHat Linuxadded 2024/01/25 10:59 a.m.3 views

tomcat: Open Redirect vulnerability in FORM authentication

A flaw was found in Apache Tomcat if the default web application is configured with FormAuthenticator. This issue allows a specially crafted URL to trigger a redirect to an arbitrary URL...

6.1CVSS7.2AI score0.11586EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2023/12/07 12:37 p.m.3 views

tomcat: Open Redirect vulnerability in FORM authentication

A flaw was found in Apache Tomcat if the default web application is configured with FormAuthenticator. This issue allows a specially crafted URL to trigger a redirect to an arbitrary URL...

6.1CVSS7.2AI score0.11586EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2023/12/07 12:21 p.m.2 views

tomcat: Open Redirect vulnerability in FORM authentication

A flaw was found in Apache Tomcat if the default web application is configured with FormAuthenticator. This issue allows a specially crafted URL to trigger a redirect to an arbitrary URL...

6.1CVSS7.2AI score0.11586EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2023/08/30 3:16 p.m.29 views

CVE-2023-41080

A flaw was found in Apache Tomcat if the default web application is configured with FormAuthenticator. This issue allows a specially crafted URL to trigger a redirect to an arbitrary URL...

6.1CVSS6.1AI score0.11586EPSS
Exploits0References4
Github Security Blog
Github Security Blogadded 2022/05/14 1:10 a.m.30 views

Improper Authentication in Apache Tomcat

java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a...

6.8CVSS5.5AI score0.10445EPSS
Exploits2References25Affected Software1
OSV
OSVadded 2013/07/18 12:0 a.m.25 views

DSA-2725-1 tomcat6 - several

Bulletin has no description...

6.8CVSS6.4AI score0.38137EPSS
Exploits3
OpenVAS
OpenVASadded 2013/06/24 12:0 a.m.31 views

CentOS Update for tomcat6 CESA-2013:0964 centos6

Check for the Version of tomcat6 OpenVAS Vulnerability Test CentOS Update for tomcat6 CESA-2013:0964 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

6.8CVSS6.2AI score0.10445EPSS
Exploits2References2
Prion
Prionadded 2013/06/01 2:21 p.m.15 views

Session fixation

java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a...

6.8CVSS7.1AI score0.10445EPSS
Exploits2References23Affected Software1
Cvelist
Cvelistadded 2013/06/01 10:0 a.m.23 views

CVE-2013-2067

java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a...

6AI score0.10445EPSS
Exploits2References23
Rows per page
Query Builder