Apache Tomcat Request Obfuscation Vulnerability
Discription
Apache Tomcat is a lightweight Web application server from the Apache Foundation. The application implements support for Servlet and JavaServer Page (JSP).Apache Tomcat suffers from a request obfuscation vulnerability that stems from the fact that if a Web application sends a WebSocket message while a WebSocket connection is closed, the application may continue to use the socket after it is closed, and an attacker could exploit the vulnerability to cause a pool object to be placed in the pool twice.Read More
References
Back to Main