Description
The web server has several virtual hosts. Due to an incorrect configuration of virtual hosts, files of one virtual host is located inside a directory of another one. Therefore, an attacker may access parts of the source code of your web application.
Remediation
Change vitrual hosts configuration, so each of them have a separate root directory
References
Related Vulnerabilities
WordPress 5.7.x Multiple Vulnerabilities (5.7 - 5.7.2)
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.35)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3731)
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3732)