Description
When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption.
Remediation
References
Related Vulnerabilities
WordPress Plugin Smart Flv 'jwplayer.swf' Multiple Cross-Site Scripting Vulnerabilities (1.0)
WordPress 5.2.x Prototype Pollution (5.2 - 5.2.14)
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2012-4557)
Python Data Processing Errors Vulnerability (CVE-2013-7440)
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-25763)