Apache Tomcat CVE-2011-1183 Vulnerability
Description
A regression in the fix for CVE-2011-1088 meant that security constraints were ignored when no login configuration was present in the web.xml and the web application was marked as meta-data complete.
Affected Applications
Apache Tomcat