Description
org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.
Remediation
References
Related Vulnerabilities
MySQL CVE-2020-14725 Vulnerability (CVE-2020-14725)
WordPress Plugin FormCraft-Contact Form Builder Cross-Site Request Forgery (1.2.1)
Joomla! Core Directory Traversal (2.5.0 - 3.9.22)
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.12)
ownCloud Improper Authentication Vulnerability (CVE-2014-9045)