CVE-2020-35539

CVE-2020-35539

A flaw was found in WordPress 5.1. "X-Forwarded-For" is a HTTP header used to carry the client’s original IP address. However, because these headers may very well be added by the client to the requests, if the systems/devices use IP addresses which decelerate at X-Forwarded-For header instead of original IP, various issues may be faced. If the data originating from these fields is trusted by the application developers and processed, any authorization checks originating IP address logging could be manipulated.

Source: CVE-2020-35539

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다