A newly disclosed vulnerability in the OWASP Core Rule Set (CRS) allows attackers to bypass charset validation in web application firewalls (WAFs), enabling dangerous payloads to reach backend applications.   Tracked as CVE-2026-21876, the flaw affects CRS rule 922110 and can expose applications to cross-site scripting (XSS) and other encoding-based attacks.  Administrators are strongly advised to upgrade immediately and review historical logs for suspicious multipart requests […]

The post OWASP CRS Vulnerability Enables Charset Validation Bypass  appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/owasp-crs-vulnerability/