Description
An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing a "+" or "-" sign, or an uncommon shell whitespace character, as a prefix to the length field-value.
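The sketch below is an added example, not Squid's code: it contrasts a lenient Content-Length parse with a strict one that accepts only digits with optional SP/HTAB padding, the grammar given in RFC 7230. The function names and the strtoll()-based lenient parser are assumptions chosen for illustration, and the sample field-values are constructed.

```cpp
#include <cerrno>
#include <cstdint>
#include <cstdlib>
#include <iostream>
#include <string>

// Lenient parse, shown for contrast (hypothetical, not Squid's parser):
// strtoll() skips every isspace() byte, including \v and \f, and accepts
// a leading '+' or '-'.
bool lenientContentLength(const std::string &v, long long &out) {
    char *end = nullptr;
    errno = 0;
    out = std::strtoll(v.c_str(), &end, 10);
    return end != v.c_str() && *end == '\0' && errno != ERANGE;
}

// Strict parse: optional SP/HTAB around the value, then decimal digits only.
bool strictContentLength(const std::string &v, uint64_t &out) {
    std::size_t b = v.find_first_not_of(" \t");
    if (b == std::string::npos) return false;            // empty or padding only
    std::size_t e = v.find_last_not_of(" \t");
    out = 0;
    for (std::size_t i = b; i <= e; ++i) {
        if (v[i] < '0' || v[i] > '9') return false;      // '+', '-', \v, \f, \r ...
        uint64_t d = static_cast<uint64_t>(v[i] - '0');
        if (out > (UINT64_MAX - d) / 10) return false;   // would overflow 64 bits
        out = out * 10 + d;
    }
    return true;
}

// True when the two parsers disagree on whether the field-value is valid.
// That disagreement between hops is what a smuggling check should flag.
bool parsersDisagree(const std::string &v) {
    long long a = 0;
    uint64_t b = 0;
    return lenientContentLength(v, a) != strictContentLength(v, b);
}

int main() {
    // Constructed sample field-values: plain, sign-prefixed, \v- and \f-prefixed.
    const char *samples[] = {"42", " 42", "+42", "-42", "\v42", "\f42"};
    for (int i = 0; i < 6; ++i) {
        uint64_t n = 0;
        bool ok = strictContentLength(samples[i], n);
        std::cout << "sample " << i << ": strict=" << (ok ? "accept" : "reject")
                  << " disagree=" << parsersDisagree(samples[i]) << "\n";
    }
    return 0;
}
```

A proxy or origin that applies the strict form should reject the request outright rather than fall back to another length, so that every hop frames the message the same way.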