A cache poisoning vulnerability was identified on addons.allizom.org that allowed an attacker to block access to static resources such as images and JavaScript files. The issue was exploited by processing the X-HTTP-Method-Override header, which was honored by the origin server and treated the request as a HEAD request, generating a "200 OK" response with an empty body that was then…Read More
Mozilla: Denial of Access to Static Resources via Cache Poisoning on addons.allizom.org
