In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.
References
Configurations
History
07 Nov 2023, 03:02
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2019-09-25 17:15
Updated : 2024-02-28 17:28
NVD link : CVE-2019-10098
Mitre link : CVE-2019-10098
CVE.ORG link : CVE-2019-10098
JSON object : View
Products Affected
apache
- http_server
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')