1. Apache Tomcat LoadBalancerDrainingValve Open Redirect Vulnerability Exposes Web Applications to Phishing Attacks
A confirmed Open Redirect vulnerability in Apache Tomcat's LoadBalancerDrainingValve component allows attackers to redirect users to untrusted websites, primarily enabling phishing and credential theft campaigns. The flaw affects multiple major Tomcat versions across the 8.5, 9.0, 10.1, and 11.0 branches, creating a wi...