Description
There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and Transfer-Encoding and Content length headers. Upgrade to versions 7.1.9 and 8.0.6 or later versions.
Remediation
References
Related Vulnerabilities
WordPress Plugin 3D Product configurator for WooCommerce Arbitrary File Upload (1.5.531)
Oracle HTTP Server CVE-2016-0671 Vulnerability (CVE-2016-0671)
WordPress Plugin Baggage Freight Shipping Australia Arbitrary File Upload (0.1.0)
WordPress Plugin fitness calculators Cross-Site Request Forgery (1.9.5)
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15735)