๐ Internet Bug Bounty: Apache HTTP Server: mod_proxy_uwsgi HTTP response splitting (CVE-2023-27522)
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vulners.com
Summary HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client. https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2023-27522 Impact The response headers can be truncated, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the... ...