0.002 Low
EPSS
Percentile
57.5%
It has been discovered that the mod_session module of Apache HTTP Server (httpd), through version 2.4.29, has an improper input validation flaw in the way it handles HTTP session headers in some configurations. A remote attacker may influence their content by using a “Session” header.
0.002 Low
EPSS
Percentile
57.5%