Authorization Bypass
modsecurity-crs:buster is vulnerable to Authorization Bypass. Use of X.Filename instead of XFilename by an attacker may allow bypassing some PHP script uploads rules, because PHP automatically transforms dots into underscores in certain contexts where dots are invalid...