Description
Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail.
Remediation
References
Related Vulnerabilities
IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1474)
Squid Improper Input Validation Vulnerability (CVE-2014-7142)
WordPress Plugin WolfNet IDX for WordPress Multiple Unspecified Vulnerabilities (1.14.7)
WordPress Plugin Mapplic Lite Server-Side Request Forgery (1.0)
WordPress Plugin Omni Secure Files 'upload.php' Arbitrary File Upload (0.1.13)