Description
Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application.
Remediation
References
Related Vulnerabilities
WordPress Plugin Redirection Local File Inclusion (2.7.3)
Squid Improper Input Validation Vulnerability (CVE-2014-0128)
Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2021-35940)
WordPress Plugin Catch Themes Demo Import Remote Code Execution (2.1)
Django Improper Validation of Specified Quantity in Input Vulnerability (CVE-2023-41164)