CVE-2017-7674

CVE-2017-7674

The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.

Source: CVE-2017-7674

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다