Описание
Member Login Script 3.3 contains a client-side desynchronization vulnerability that allows attackers to manipulate HTTP request handling by exploiting Content-Length header parsing. Attackers can send crafted POST requests with smuggled secondary requests to potentially bypass server-side request processing controls.
EPSS
Процентиль: 20%
0.00066
Низкий
Дефекты
CWE-444
Связанные уязвимости
github
около 2 месяцев назад
Member Login Script 3.3 contains a client-side desynchronization vulnerability that allows attackers to manipulate HTTP request handling by exploiting Content-Length header parsing. Attackers can send crafted POST requests with smuggled secondary requests to potentially bypass server-side request processing controls.
EPSS
Процентиль: 20%
0.00066
Низкий
Дефекты
CWE-444