Litespeedtech: >> Openlitespeed >> 1.6.0 Security Vulnerabilities
OpenLiteSpeed before 1.8.1 mishandles chunked encoding.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-05-22
LiteSpeed OpenLiteSpeed before 1.7.18 does not strictly validate HTTP request headers.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-08-14
The WebAdmin Console in OpenLiteSpeed before v1.6.5 does not strictly check request URLs, as demonstrated by the "Server Configuration > External App" screen.
CVSS Score
9.8
EPSS Score
0.005
Published
2020-01-06