5.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
49.9%
ModSecurity 3.x before 3.0.4 mishandles key-value pair parsing, as demonstrated by a “string index out of range” error and worker-process crash for a “Cookie: =abc” header.
github.com/SpiderLabs/ModSecurity/issues/2566