Description
The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor.
Remediation
References
Related Vulnerabilities
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4281)
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-0788)
Grafana Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-21703)
WordPress Plugin WP Support Plus Responsive Ticket System PHP Object Injection (9.0.3)