Thibault Charbonnier

CVE-2020-11724 WRITEUP HIGH WRITEUP

OpenResty < 1.15.8.4 - HTTP Request Smuggling via ngx.location.capture API

An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API.

CVSS 7.5

View Code

CVE-2020-11724 WRITEUP HIGH WRITEUP

OpenResty < 1.15.8.4 - HTTP Request Smuggling via ngx.location.capture API

An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API.

CVSS 7.5

View Code