Description
Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply.
Remediation
References
Related Vulnerabilities
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-14540)
WordPress Plugin Modern Events Calendar Lite Multiple Vulnerabilities (5.16.2)
WordPress Plugin AccessPress Social Icons Cross-Site Scripting (1.6.6)
WordPress Plugin Product Catalog Multiple SQL Injection Vulnerabilities (2.1)
WordPress Plugin UserPro-Community and User Profile Privilege Escalation (4.9.20)