The issue appears to be that JBoss EAP 6.4.21 does not parse the field-name in accordance to RFC7230[1] as it returns a 200 instead of a 400.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat jboss data grid - |
||
redhat jboss data grid 7.0.0 |
||
redhat jboss enterprise application platform - |
||
redhat jboss enterprise application platform 6.4.21 |
||
redhat jboss enterprise application platform 7.0.0 |
||
redhat jboss enterprise application platform 7.2.0 |
||
redhat jboss enterprise application platform 7.3.0 |
||
redhat openshift application runtimes - |
||
redhat single sign-on - |