6.1 Medium
AI Score
Confidence
High
0.289 Low
EPSS
Percentile
96.9%
The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests.
access.redhat.com/security/cve/cve-2016-1000110
bugs.python.org/issue27568
httpoxy.org/