Description
The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests.
Remediation
References
Related Vulnerabilities
WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (3.2.4)
Apache HTTP Server Improper Authentication Vulnerability (CVE-2018-1312)
MySQL CVE-2017-3643 Vulnerability (CVE-2017-3643)
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4191)