HTTP Request Smuggling Vulnerability in Node.js 10, 12, and 13: Malicious Payload Delivery via Malformed Transfer-Encoding

HTTP Request Smuggling Vulnerability in Node.js 10, 12, and 13: Malicious Payload Delivery via Malformed Transfer-Encoding

CVE-2019-15605 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed

Learn more about our Web Application Penetration Testing UK.