Open Resty Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling) Vulnerability - CVE-2020-11724 - Vulnerability Database
Open Resty Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling) Vulnerability - CVE-2020-11724
High
Reference:
CVE-2020-11724
Title:
Open Resty Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling) Vulnerability
Overview:
An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling as demonstrated by the ngx.location.capture API.