Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2013-4590 - Vulnerability Database
Apache Tomcat

Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2013-4590

Medium
Reference: CVE-2013-4590
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2013-4590
Title: Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

Apache Tomcat before 6.0.39 7.x before 7.0.50 and 8.x before 8.0.0-RC10 allows attackers to obtain quotTomcat internalsquot information by leveraging the presence of an untrusted web application with a context.xml web.xml .jspx .tagx or .tld XML document containing an external entity declaration in conjunction with an entity reference related to an XML External Entity (XXE) issue.