HTTP Request Smuggling attack
From Prashant Gawade, Palisade Magazine.
"...
HTTP Request Smuggling (HRS) attack is the result of a device failure to properly handle deformed inbound HTTP requests. HRS works by taking benefit of the discrepancies in HTTP request parsing when one or more HTTP devices are in the data flow between the user and the web server. HTTP Request smuggling leads to various attacks like web cache poisoning, session hijacking, cross-site scripting etc.
..."
read more ...
No comments:
Post a Comment