Description
Apache mod_proxy allows an unauthenticated attacker to send arbitrary values in the request uri-path and interact with internal network resources which is otherwise not accessible externally. An attacker may use this feature to perform SSRF (server-side request forgery) attacks on the server.
Remediation
Upgrade to the latest version of Apache HTTP Server