A critical security flaw (CVE-2023-50969) has been discovered in Imperva SecureSphere WAF with a CVSS score of 9.8. Attackers can bypass WAF security protocols by manipulating "Content-Encoding" headers in HTTP requests. This vulnerability poses a significant risk to the security of web applications protected by Imperva SecureSphere WAF. More details can be found in the tweet linked below: https://t.co/YBq76eTJ25 https://t.co/wk0CvW5iSL
Check out the original tweet here: https://twitter.com/TheCyberExpress/status/1775051425766379851