Description
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
Remediation
References
Related Vulnerabilities
WordPress Plugin JW Player 6 Cross-Site Scripting (2.1.14)
WordPress Plugin HM Multiple Roles Security Bypass (1.2)
WordPress Plugin Timetable and Event Schedule by MotoPress Cross-Site Request Forgery (2.4.1)
IBM Lotus Domino web server Cross-Site Scripting vulnerabilities
WordPress Plugin WP Limit Login Attempts Security Bypass (2.6.4)