Description
In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions.
Remediation
References
Related Vulnerabilities
WordPress Plugin WooCommerce Catalog Enquiry Arbitrary File Upload (3.0.0)
WordPress Plugin WooCommerce Admin Security Bypass (2.6.3)
Apache Tomcat Improper Resource Shutdown or Release Vulnerability (CVE-2017-5650)
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (6.2.03)
WordPress Plugin Product Lister for Walmart Remote Code Execution (1.0.1)