Description
NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.
Remediation
References
Related Vulnerabilities
IBM RTC Improper Restriction of XML External Entity Reference Vulnerability (CVE-2016-9707)
MySQL CVE-2016-0606 Vulnerability (CVE-2016-0606)
Sqlite Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2021-45346)
WordPress Plugin jcwp youtube channel embed Cross-Site Scripting (1.5.2)