From gbhackers.com
Ghostcat, 13-Year old severe file inclusion vulnerability affected Apache-Tomcat server allows hackers to read or include any files in the web app directories of Tomcat remotely.
Tomcat is one of the most popular Java middleware servers that used to deploy Java Servlets and JSPs, also it provides a “pure Java” HTTP web server environment in which Java code can run.
Critical Ghostcat Vulnerability initially discovered by a researcher from Chaitin Tech and the bug is specifically existing in the Tomcat AJP protocol.