Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2013-4590 - Vulnerability Database

Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2013-4590

Medium
Reference: CVE-2013-4590
Title: Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

Apache Tomcat before 6.0.39 7.x before 7.0.50 and 8.x before 8.0.0-RC10 allows attackers to obtain quotTomcat internalsquot information by leveraging the presence of an untrusted web application with a context.xml web.xml .jspx .tagx or .tld XML document containing an external entity declaration in conjunction with an entity reference related to an XML External Entity (XXE) issue.