Description

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions.

Remediation

References

CVE-2022-36760

Related Vulnerabilities

WordPress Plugin Great Restaurant Menu WP SQL Injection (1.4.1)

WordPress Plugin Register Plus 'wp-login.php' Multiple Cross-Site Scripting Vulnerabilities (3.5.1)

OpenSSL Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1633)

WordPress Plugin Premium SEO Pack Multiple Vulnerabilities (1.8.0)

Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3479)

Severity

Critical

Classification

CVE-2022-36760 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities