Endpoint Vulnerability

Apache Tomcat - Low: Information disclosure CVE-2013-4590

Description

Application provided XML files such as web.xml, context.xml, *.tld, *.tagx and *.jspx allowed XXE which could be used to expose Tomcat internals to an attacker. This vulnerability only occurs when Tomcat is running web applications from untrusted sources such as in a shared hosting environment.

Affected Products

Apache Tomcat

References

CVE-2013-4590,