CVE-2022-39955 Information

Description

The OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rule set bypass by submitting a specially crafted HTTP Content-Type header field that indicates multiple character encoding schemes. A vulnerable back-end can potentially be exploited by declaring multiple Content-Type ## Reference https://coreruleset.org/20220919/crs-version-3-3-3-and-3-2-2-covering-several-cves/