Vulnerability: Apache Tomcat - Open Redirect

Apache Tomcat versions prior to 9.0.12, 8.5.34, and 7.0.91 are prone to an open-redirection vulnerability because it fails to properly sanitize user-supplied input.

Impact

An attacker can redirect users to malicious websites, leading to phishing attacks or the download of malware.

Severity

medium

Verified

Unknown