Apache Traffic Server Input Validation Error Vulnerability (CNVD-2023-03924)

Apache Traffic Server ATS is a set of scalable HTTP proxy and caching servers from the Apache Foundation. Apache Traffic Server is vulnerable to an input validation error, which could be exploited by attackers to request secure resources...

Apache Traffic Server Input Validation Error Vulnerability (CNVD-2023-03923)

Apache Traffic Server ATS is a set of scalable HTTP proxy and caching servers from the Apache Foundation. Apache Traffic Server is vulnerable to an input validation error, which could be exploited by attackers to smuggle requests...

Apache Traffic Server Input Validation Error Vulnerability (CNVD-2023-03926)

Apache Traffic Server ATS is a set of scalable HTTP proxy and caching servers from the Apache Foundation. Apache Traffic Server versions 8.0.0 through 9.1.2 are vulnerable to an input validation error, which could be exploited by an attacker to send invalid headers...

PayPal: Bypass for #488147 enables stored XSS on https://paypal.com/signin again

Due to a configuration in frontend, caching servers, it was possible for a researcher to use request smuggling to convert a page request into a cached redirect. If the cached redirect were accessed by a legitimate user, an attacker's content would be rendered instead of the requested page. While...

PayPal: Stored XSS on https://paypal.com/signin via cache poisoning

Due to a configuration in frontend, caching servers, it was possible for a researcher to use request smuggling to convert a page request into a cached redirect. If the cached redirect were accessed by a legitimate user, an attacker's content would be rendered instead of the requested page. While...