CVE-2023-53878

Vulnerability Description

Member Login Script 3.3 contains a client-side desynchronization vulnerability that allows attackers to manipulate HTTP request handling by exploiting Content-Length header parsing. Attackers can send crafted POST requests with smuggled secondary requests to potentially bypass server-side request processing controls.

Related Weaknesses (CWE)

CWE-444

References

https://www.exploit-db.com/exploits/51710
https://www.phpjabbers.com/member-login-script/
https://www.vulncheck.com/advisories/member-login-script-client-side-request-des

FAQ

What is CVE-2023-53878?

CVE-2023-53878 is a documented vulnerability. Member Login Script 3.3 contains a client-side desynchronization vulnerability that allows attackers to manipulate HTTP request handling by exploiting Content-Length header parsing. Attackers can send...

How severe is CVE-2023-53878?

CVSS scoring is not yet available for CVE-2023-53878. Check NVD for updates.

Is there a patch for CVE-2023-53878?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.