CVE-2018-11759 – Apache mod_jk access control bypass

Vulnerability Summary Due to discrepancies between the specifications of httpd and Tomcat for path resolution, Apache mod_jk Connector 1.2.0 to 1.2.44 access controls to endpoints defined by a JkMount httpd… Lire la suite →