HTTP Response Smuggling
Variants:
Direct
Vector Type:
Attack
Relevance:
Generic
Layer:
Web-Infrastructure-Level
Platforms:
Any
Target Type:
Web Application
Affected Mechanisms:
Input Validation, Hardening
Invented In:
20/02/2006
Added In:
10/12/2014
Vector Operation Method:
Use abnormal inputs to affect HTTP response headers and content in order to inject malicious header to poison proxy and browser cache with malicious content or malicious technology specific same origin instructions.
