Description
A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them.
Remediation
References
Related Vulnerabilities
WordPress MU 'wp-admin/wpmu-blogs.php' Multiple Cross-Site Scripting Vulnerabilities (1.0 - 2.5.1)
WordPress Plugin GD Star Rating 'wpfn' Parameter Cross-Site Scripting (1.9.8)
WordPress Plugin NextGEN Gallery-WordPress Gallery SQL Injection (3.2.10)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0724)