Inappropriate escaping of output in mod_rewrite in Apache HTTP Server two.4.59 and earlier allows an attacker to map URLs to filesystem places which have been permitted to be served by the server but are certainly not intentionally/instantly reachable by any URL, causing code execution or supply code disclosure. Apache tries https://andrewj542sdq3.ageeksblog.com/profile
