Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Squid Insufficient Verification of Data Authenticity Vulnerability - CVE-2016-4554 - Vulnerability Database
Squid

Squid Insufficient Verification of Data Authenticity Vulnerability - CVE-2016-4554

High
Reference: CVE-2016-4554
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-4554
Title: Squid Insufficient Verification of Data Authenticity Vulnerability
Overview:

mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header aka a quotheader smugglingquot issue.