Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Open Resty Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling) Vulnerability - CVE-2020-11724 - Vulnerability Database
Open Resty

Open Resty Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling) Vulnerability - CVE-2020-11724

High
Reference: CVE-2020-11724
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-11724
Title: Open Resty Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling) Vulnerability
Overview:

An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling as demonstrated by the ngx.location.capture API.