Inappropriate escaping of output in mod_rewrite in Apache HTTP Server two.4.59 and earlier enables an attacker to map URLs to filesystem destinations that are permitted to become served via the server but usually are not intentionally/immediately reachable by any URL, leading to code execution or source code disclosure. Apache attempts https://barrettr974atc0.wikiap.com/user