Active authentication bypass vulnerabilities have been identified in Versa Concerto. To reduce the risk, organizations can apply two urgent remediation steps at the proxy/WAF level. One of the steps is to block semicolons in URL paths to neutralize the decoding. This measure can help mitigate the vulnerability until official patches are released. Stay informed for further updates and patches from Versa Concerto.
Reducing risk from active authentication bypass vulnerabilities in Versa Concerto.
While waiting for official patches, here are two urgent remediation steps organizations can apply today at the proxy/WAF level:
? Block semicolons in URL paths to neutralize the decoding…
— ProjectDiscovery (@pdiscoveryio) June 14, 2025