Описание
HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server.
Ссылки
- Broken Link
- Mailing List
- Release Notes
- Broken Link
- Mailing List
- Release Notes
Уязвимые конфигурации
EPSS
8.2 High
CVSS3
Дефекты
Связанные уязвимости
HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server.
HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server.
HAProxy before 2.8.2 accepts # as part of the URI component, which mig ...
EPSS
8.2 High
CVSS3