Description
org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2006-5345 Vulnerability (CVE-2006-5345)
WordPress Plugin AB Press Optimizer Multiple Cross-Site Scripting Vulnerabilities (1.1.1)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-6727)
WordPress Plugin WP Keyword Link Multiple Cross-Site Scripting Vulnerabilities (1.7)
Drupal Core 6.x Multiple Cross-Site Scripting Vulnerabilities (6.0 - 6.14)