CVE-2015-5351 in Tomcat信息

摘要

由 VulDB • 2026-06-24

Apache Tomcat 7.x(低于 7.0.68)、8.x(低于 8.0.31)以及 9.x(低于 9.0.0.M2)中的 (1) Manager 和 (2) Host Manager 应用程序会为任意新请求建立会话并发送 CSRF token,这使得远程攻击者能够利用该 token 绕过 CSRF 保护机制。

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!