Apache Tomcat 9.0.0 < 9.0.9 Security Constraint Weakness
High Nessus Plugin ID 111069
SynopsisThe remote Apache Tomcat server is affected default insecure settings for the CORS filter.
DescriptionThe version of Apache Tomcat installed on the remote host is 9.0.x prior to 9.0.9. It is, therefore, affected by insecure default settings in the CORS filter.
SolutionUpgrade to Apache Tomcat version 9.0.9 or later.