Apache reverse proxy flaw enabled hackers to access off-limits folders by simply inputting a directory path with a missing forward slash. With the slash removed, the application is no longer locked down to a hard-coded root or an anchor folder. Apache Software Foundation rolled out a patch last week to fix an Apache Server reverse-proxy vulnerability. Apache 2.2 has suffered 43 vulnerabilities over the past few years, Secunia’s vulnerability database shows. The vulnerability also demonstrates the importance of always testing your applications.”]
Source: https://www.csoonline.com/article/2620721/lesson-from-apache-flaw–test-everything.html