Description
It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 processes http request headers with unusual whitespaces which can cause possible http request smuggling.
Remediation
References
Related Vulnerabilities
WordPress Plugin The Sorter SQL Injection (1.0)
Joomla! Core 3.x.x Cross-Site Scripting (3.0.0 - 3.9.26)
WordPress Plugin WooCommerce-Store Exporter CSV Injection (2.3.1)
WordPress Plugin Daily Inspiration Generator Cross-Site Scripting (2.0)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2606)