CVE-2023-38199
The CVE-2023-38199 entry concerns coreruleset (OWASP ModSecurity Core Rule Set) up to version 3.3.4. The issue is that some platforms do not detect multiple Content-Type request headers, which can cause a WAF to be bypassed when an application relies on the last Content-Type header. This is a hea...