Title: CVE-2022-39956 | OWASP ModSecurity Core Rule Set up to 3.0.x/3.1.x/3.2.1/3.3.2 HTTP Multipart Request Content-Type/Content-Transfer-Encoding authorization
Description: A vulnerability was found in OWASP ModSecurity Core Rule Set up to 3.0.x/3.1.x/3.2.1/3.3.2. It has been rated as critical. Affected by this issue is some unknown functionality of the component HTTP Multipart Request Handler. The manipulation of the argument Content-Type/Content-Transfer-Encoding leads to incorrect authorization.
Link:
https://vuldb.com/?id.209132
Tue, 20 Sep 2022 12:22:11 +0200
--- The information is for informational purposes only.
* Origin: Read us with
http://winpoint.org/ (2:467/888.88)