Details
Setting crossContext to true allows for an application to call ServletConext.getContext to return a dispatcher for another application.
Solution
In all context.xml, set the crossContext attribute to false:
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.