New vulnerability discovered in CSM Tomcat server