Incorrect escaping of output in mod_rewrite in Apache HTTP Server two.4.fifty nine and before enables an attacker to map URLs to filesystem locations that happen to be permitted to be served from the server but usually are not intentionally/specifically reachable by any URL, leading to code execution or supply code https://apache-support90111.wikinstructions.com/809807/getting_my_install_apache_web_server_to_work