Apache Tomcat CVE-2013-2067 Authentication Bypass Vulnerability
Description
FORM authentication associates the most recent request requiring authentication with the current session. By repeatedly sending a request for an authenticated resource while the victim is completing the login form, an attacker could inject a request that would be executed using the victim's credentials.
Affected Applications
Apache Tomcat