Description
org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.
Remediation
References
Related Vulnerabilities
WordPress Plugin eCommerce Product Catalog for WordPress Cross-Site Request Forgery (2.9.43)
WordPress Plugin Font-official webfonts plugin of Fonts For Web Cross-Site Scripting (7.5.1)
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.15)
WordPress Plugin Gallery-Flagallery Photo Portfolio SQL Injection (2.55)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5651)