Description
It was identified that this application supports the legacy headers X-Original-URL and/or X-Rewrite-URL.
Support for these headers lets a client override the path of the request URL via the X-Original-URL or X-Rewrite-URL HTTP request header: the client requests one URL, but the web application serves a different one. This can bypass access restrictions enforced by higher-level caches and web servers.
Many web frameworks are affected by this issue, including Symfony 2.7.0 to 2.7.48, 2.8.0 to 2.8.43, 3.3.0 to 3.3.17, 3.4.0 to 3.4.13, 4.0.0 to 4.0.13 and 4.1.0 to 4.1.2, zend-diactoros up to 1.8.4, zend-http up to 2.8.1, and zend-feed up to 2.10.3.
Remediation
Upgrade the affected web frameworks to their latest versions.
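Where an upgrade cannot be deployed immediately, the override headers can be neutralised in front of the application. The following added example (not code from this advisory or from any of the frameworks named above) shows the described behaviour with a hypothetical stand-in WSGI app, a detection helper that reports the headers, and a middleware that strips or rejects them; the WSGI deployment and the "reject" policy are assumptions.

```python
from wsgiref.util import setup_testing_defaults

# Request headers that the affected frameworks honoured as a replacement for the URL path.
OVERRIDE_HEADERS = ("X-Original-URL", "X-Rewrite-URL")
# WSGI spells request headers as HTTP_<NAME> with dashes turned into underscores.
_ENVIRON_KEYS = {h: "HTTP_" + h.upper().replace("-", "_") for h in OVERRIDE_HEADERS}


def find_path_overrides(environ):
    """Return {header: value} for every override header present (detection)."""
    return {h: environ[k] for h, k in _ENVIRON_KEYS.items() if k in environ}


class StripPathOverrides:
    """Middleware that drops the override headers, or rejects the request (mitigation)."""

    def __init__(self, app, reject=False):
        self.app, self.reject = app, reject

    def __call__(self, environ, start_response):
        if self.reject and find_path_overrides(environ):
            start_response("400 Bad Request", [("Content-Type", "text/plain")])
            return [b"path override headers are not accepted\n"]
        for key in _ENVIRON_KEYS.values():
            environ.pop(key, None)       # framework behind us never sees the header
        return self.app(environ, start_response)


def legacy_app(environ, start_response):
    """Hypothetical stand-in imitating the legacy behaviour: the header wins over the
    real path. Not code from any of the frameworks named in the advisory."""
    path = (environ.get("HTTP_X_ORIGINAL_URL") or environ.get("HTTP_X_REWRITE_URL")
            or environ["PATH_INFO"])
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [path.encode()]


def served_path(app, path, headers):
    """Drive a WSGI app with a constructed request; return (status, body text)."""
    environ = {}
    setup_testing_defaults(environ)
    environ["PATH_INFO"] = path
    for name, value in headers.items():
        environ["HTTP_" + name.upper().replace("-", "_")] = value
    seen = {}
    body = b"".join(app(environ, lambda s, h, exc=None: seen.setdefault("status", s)))
    return seen["status"], body.decode()


if __name__ == "__main__":
    req = {"X-Original-URL": "/internal/report"}   # constructed request header
    print(served_path(legacy_app, "/public", req))                       # header wins
    print(served_path(StripPathOverrides(legacy_app), "/public", req))   # real path served
```

Running the block prints the path the stand-in app resolves with and without the middleware, which is also a quick way to confirm that a reverse proxy or middleware in front of a real deployment is actually removing the headers.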
References