Description
Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply.
Remediation
References
Related Vulnerabilities
WordPress Plugin Human Presence Cross-Site Scripting (2.0.8)
WebLogic Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-23437)
WordPress Plugin Advanced Order Export For WooCommerce Cross-Site Scripting (3.1.7)
Roundcube Resource Management Errors Vulnerability (CVE-2011-4078)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-10545)