Description
OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c.
Remediation
References
Related Vulnerabilities
WordPress Plugin Recommend to a friend Cross-Site Scripting (2.0.2)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-4303)
WordPress Plugin Advanced Custom Fields (ACF) Cross-Site Scripting (5.7.7)
WordPress Plugin Livemesh Addons for Elementor Multiple Cross-Site Scripting Vulnerabilities (6.7.1)