servicemesh-proxy is vulnerable to privilege escalation. An attacker is able to exploit the vulnerability by crafting an HTTP request that defines a certain pattern of escaped characters in the URI path (such as %2F, %2f, %5C or %5c), allowing them to bypass the authorization service.