Description
IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka the "Escape Character Parsing" vulnerability.
Remediation
References
Related Vulnerabilities
PHP Improper Input Validation Vulnerability (CVE-2014-3710)
MySQL CVE-2017-3452 Vulnerability (CVE-2017-3452)
WordPress Plugin Random Banner Cross-Site Scripting (4.1.4)
WordPress Plugin User Activity Log Multiple Vulnerabilities (1.2.4)
Oracle Database Server CVE-2008-2607 Vulnerability (CVE-2008-2607)