Request Smuggling
Description
Invicti has detected an inconsistency in HTTP request parsing between a reverse proxy and the web application. An unauthenticated attacker may exploit this issue and poison requests of other users, which may lead to various consequences including account takeover.
Remediation
Setup a web application and all intermediate servers, so they have equivalent HTTP requests parsing