Apache has released a new HTTP Server version to address two security flaws; CVE-2023-25690 and CVE-2023-27522. The vulnerabilities may allow an attacker to perform HTTP smuggling attacks on a vulnerable server. On successful exploitation, these vulnerabilities could result in information disclosure and enable attackers to execute further attacks. The Apache HTTP Server, also called … Continue reading “Apache Patches HTTP Request Splitting Vulnerabilities in its HTTP Server (CVE-2023-25690 and CVE-2023-27522)”