Description

Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.

Remediation

References

CVE-2016-10003

Related Vulnerabilities

WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder Security Bypass (1.7.14)

Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5875)

MediaWiki CVE-2021-42049 Vulnerability (CVE-2021-42049)

Drupal Resource Management Errors Vulnerability (CVE-2014-5266)

WordPress Plugin WP-Lister Lite for Amazon Cross-Site Scripting (2.4.3)

Severity

High

Classification

CVE-2016-10003 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities