Description
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.
Remediation
References
Related Vulnerabilities
WordPress Plugin Booking Calendar Cross-Site Scripting (7.1)
Jenkins Incorrect Authorization Vulnerability (CVE-2017-2611)
Ruby Improper Authentication Vulnerability (CVE-2008-3905)
WordPress Plugin Fast Secure Contact Form Remote Code Execution (4.0.44)
WordPress Plugin ShareYourCart Information Disclosure (1.6.1)