Description
Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems.
Remediation
References
Related Vulnerabilities
WordPress Plugin Affiliate Link Manager Cross-Site Scripting (2.1.1)
Jenkins Improper Input Validation Vulnerability (CVE-2013-0331)
WordPress Plugin WP SMS Cross-Site Scripting (5.4.12)
Nginx Use After Free Vulnerability (CVE-2022-32414)
WordPress Plugin Publish to Schedule Cross-Site Scripting (4.5.4)