HTTP Request Injection
Variants:
Direct Persistent Session
Also Known As:
HRI
Vector Type:
Attack
Relevance:
Generic
Layer:
Application-Level
Platforms:
Any
Target Type:
Application
Affected Mechanisms:
Input Validation
Invented In:
25/11/2014
Added In:
28/11/2014
Vector Operation Method:
Malicious inputs can inject additional HTTP requests into HTTP connections used between two server-side entities - currently verified for raw client sockets and HTTP 1.1 connection with various servers
