Akamai Diversity

Akamai Security Intelligence
& Threat Research

January 2020 Archives

Akamai

Akamai

January 13, 2020 12:00 PM

HTTP Cache Poisoning Advisory

Summary On January 14, 2020, CERT CC published an advisory warning of the potential use of Content Delivery Networks (CDNs) to cache malicious traffic. Akamai acknowledges this issue and has been aware of similar research in the past. This advisory highlights a reflected XSS vulnerability in origin web applications that exists whether or not a CDN is involved, exacerbated by having responses cached. Site operators should be aware that HTTP