Описание
This vulnerability occurs when a web server fails to correctly process the Content-Length of POST requests. This can lead to HTTP request smuggling or XSS.
Ссылки
- Release NotesVendor Advisory
- Vendor Advisory
- Release NotesVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2022.4 (исключая)
cpe:2.3:a:solarwinds:security_event_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.01321
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
около 3 лет назад
This vulnerability occurs when a web server fails to correctly process the Content-Length of POST requests. This can lead to HTTP request smuggling or XSS.
EPSS
Процентиль: 80%
0.01321
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79