Tag: apache

All the articles with the tag "apache".

• [CVE-2025-49125] Apache Tomcat Pre/Post-Resource Authentication Bypass Exposes Protected Content

  16 Jun, 2025

  Mounting PreResources or PostResources outside the root path lets attackers reach files through an alternate URL that ignores security constraints, undermining Java web application access control.