CVE-2023-24021 Information

Jan 21, 2023 cve

Description

In ModSecurity before 2.9.7 FILES_TMP_CONTENT sometimes lacked the complete content. This can lead to a Web Application Firewall bypass.

Reference

https://github.com/SpiderLabs/ModSecurity/pull/2857/commits/4324f0ac59f8225aa44bc5034df60dbeccd1d334 https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.7 https://github.com/SpiderLabs/ModSecurity/pull/2857

Share on: