Security Advisory

CVE-2023-41080

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-08-25 20:39:36
Last updated 2025-10-29 12:04:40
Assigner apache
State PUBLISHED

Description

URL Redirection to Untrusted Site (Open Redirect) vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may also be affected. The vulnerability is limited to the ROOT (default) web application.