[wp-trac] [WordPress Trac] #61673: URL-encoded _wp_http_referer causes Apache AH10508, leading to 403 in several places
WordPress Trac
noreply at wordpress.org
Wed Jul 17 15:56:09 UTC 2024
#61673: URL-encoded _wp_http_referer causes Apache AH10508, leading to 403 in
several places
-------------------------+------------------------------
Reporter: vsteiner | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 6.6
Severity: major | Resolution:
Keywords: | Focuses:
-------------------------+------------------------------
Comment (by erhaweb):
The TYPO3 Security Team was able to prove that this problem is not a
problem for which TYPO3 is responsible.
https://forge.typo3.org/issues/104410
Discussion about this (in german):
https://forum.t3academy.de/d/507-strato-create-content-forbidden-
error-403-cve-2024-38474-unsafeallow3f/
The german Contao community also came to the conclusion that this problem
is directly related to STRATO.
https://community.contao.org/de/showthread.php?87114-Fehler-403-Forbidden-
durch-Cookiebar-AH10508-Unsafe-URL-with-3f-URL-rewritten
Maybe this will help you with further judgement 😉
--
Ticket URL: <https://core.trac.wordpress.org/ticket/61673#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list