Dark Reading

New HTTP Request Smuggling Attacks Target Web Browsers

BLACK HAT USA – LAS VEGAS – A security researcher who previously demonstrated how attackers can abuse weaknesses in the way websites handle HTTP requests warned that the same issues can be used in ...
ZDNet

HAProxy urges users to update after HTTP request smuggling vulnerability found

Users of HAProxy 2.0 and later versions are being urged to push through updates after a vulnerability was found that could allow "an attacker to bypass the check for a duplicate HTTP Content-Length ...
Dark Reading

h2c Smuggling: A New 'Devastating' Kind of HTTP Request

A new type of hack that piggybacks malicious Web requests alongside legitimate ones could be used to create a broad range of havoc in an organization, a report from cybersecurity company Bishop Fox ...
CSOonline

Major SAP vulnerability requires urgent patch to prevent HTTP request smuggling attacks

Exploitation possible via simple HTTP request In a report, Onapsis stated that the vulnerability can be exploited via an attack known as HTTP request smuggling, which can be used to steal credentials ...