Description

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions.

Remediation

References

CVE-2022-26377

Related Vulnerabilities

e107 Other Vulnerability (CVE-2006-2590)

WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Cross-Site Scripting (1.16.4)

WordPress Plugin CMS Tree Page View Multiple Vulnerabilities (1.4)

WordPress Plugin Login as User or Customer Cross-Site Request Forgery (1.9)

CubeCart Improper Authentication Vulnerability (CVE-2014-2341)

Severity

High

Classification

CVE-2022-26377 CWE-444 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities