Description
Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail.
Remediation
References
Related Vulnerabilities
WordPress Plugin Participants Database SQL Injection (1.9.5.5)
WordPress Plugin WooCommerce PDF Vouchers-Ultimate Gift Cards Security Bypass (4.9.3)
Moodle Improper Following of Specification by Caller Vulnerability (CVE-2019-14829)
WordPress Plugin The Events Calendar:Eventbrite Tickets Cross-Site Scripting (3.9.6)