Apache Httpd < 2.4.16 : HTTP request smuggling attack against chunked request parser
An HTTP request smuggling attack was possible due to a bug in parsing of chunked requests. A malicious client could force the server to misinterpret the request length, allowing cache poisoning or credential hijacking if an intermediary proxy is in use...