Description
In Ktor through 1.2.6, the client resends data from the HTTP Authorization header to a redirect location.
Remediation
References
https://github.com/ktorio/ktor/issues/1467
Related Vulnerabilities
CVE-2023-33779 Vulnerability in maven package com.xuxueli:xxl-job
CVE-2022-25312 Vulnerability in maven package org.apache.any23:apache-any23
CVE-2022-25901 Vulnerability in npm package cookiejar
CVE-2021-23648 Vulnerability in npm package @braintree/sanitize-url
CVE-2022-25867 Vulnerability in maven package io.socket:socket.io-client