A bypass for Imperva SecureSphere WAF has been discovered by sending a request with two (or more) specially-crafted Content-Encoding headers. This bypass affects the Imperva SecureSphere WAF and can be used to evade its blocking rule. For more technical details, refer to the blog post: https://t.co/EtYfYhi1ei
Check out the original tweet here: https://twitter.com/autumn_good_35/status/1773668168017367227