
Tushar Vartak

#52096 of 53,779
4.3 CVSS total
Vulnerabilities · 1
PT-2007-5880
4.3
2007-09-05
Apache · Apache Tomcat · CVE-2007-4724
Name of the Vulnerable Software and Affected Versions: Apache Tomcat version 4.1.31

Description: A cross-site request forgery issue exists in the calendar examples application, specifically in cal2.jsp. This allows remote attackers to add events as arbitrary users by manipulating the `time` and `description` parameters.

Recommendations: For Apache Tomcat version 4.1.31, as a temporary workaround, consider restricting access to the cal2.jsp page in the calendar examples application until a patch is available. Avoid using the `time` and `description` parameters in the affected page until the issue is resolved.