
CVE-2020-1938: Ghostcat – Apache Tomcat AJP File Read/Inclusion Vulnerability - zspitzer
https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487
======
zspitzer
Alas, Apache Httpd's mod_proxy_ajp still doesn't support secrets

[https://bz.apache.org/bugzilla/show_bug.cgi?id=53098](https://bz.apache.org/bugzilla/show_bug.cgi?id=53098)

