Description
Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi.
Remediation
References
Related Vulnerabilities
WordPress Plugin Gravity Forms Directory Cross-Site Scripting (3.7.1)
OpenSSL Cryptographic Issues Vulnerability (CVE-2013-6449)
Moodle CVE-2021-36394 Vulnerability (CVE-2021-36394)
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.24)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5730)