CVE-2020-15049: XSS
An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an uncommon shell whitespace character prefix to the length field-value.
Other sources
Squid-Cache Squid is vulnerable to HTTP request smuggling, caused by improper input validation. By sending specially crafted HTTP(S) request messages, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.
— IBM
Affected Software
Remediation
Event History
Frequently Asked Questions
What is CVE-2020-15049?
CVE-2020-15049 is a vulnerability in Squid-Cache Squid that allows for HTTP request smuggling due to improper input validation.
What is the severity of CVE-2020-15049?
CVE-2020-15049 has a severity rating of critical, with a CVSS score of 9.9.
How does CVE-2020-15049 affect Squid?
CVE-2020-15049 affects Squid versions before 4.12 and 5.x before 5.0.3.
How can I fix CVE-2020-15049 in Squid?
To fix CVE-2020-15049 in Squid, update to version 4.12 or 5.0.3 or later.
Where can I find more information about CVE-2020-15049?
More information about CVE-2020-15049 can be found at the following references: - [http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00012.html](http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00012.html) - [http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00017.html](http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00017.html) - [http://www.squid-cache.org/Versions/v4/changesets/squid-4-ea12a34d338b962707d5078d6d1fc7c6eb119a22.patch](http://www.squid-cache.org/Versions/v4/changesets/squid-4-ea12a34d338b962707d5078d6d1fc7c6eb119a22.patch)