It was discovered that cpp-httplib incorrectly percent-decoded HTTP request header values. A remote attacker could use this to inject crafted header content possibly leading to response splitting, log injection or proxy smuggling.
Continue reading...
Continue reading...

