0.002 Low
EPSS
Percentile
59.2%
Due to several violations of the HTTP standard as defined in RFC7230, Waitress is vulnerable to HTTP request smuggling when used with an upstream proxy that exhibits nonstandard behaviour.
Each issue is explained in the Occurrences section below.
datatracker.ietf.org/doc/html/rfc7230
snyk.io/blog/demystifying-http-request-smuggling/