CVE-2018-11759 – Apache mod_jk access control bypass

Vulnerability Summary Due to discrepancies between the specifications of httpd and Tomcat for path handling, Apache mod_jk Connector 1.2.0 to 1.2.44 access controls to endpoints defined by a JkMount httpd… read more →