by A researcher inadvertently discovered a newline character (CRLF) injection vulnerability in the Akamai Web Application Firewall (WAF) during a demonstration for a client, which could break through the firewall rules and launch cross-site scripting (XSS) on the website attack. It is worth noting that the researchers believe that most of the WAFs of other brands also have similar vulnerabilities. ChatGPT, a machine learning language model, is gaining popularity, and hackers are also interested in this situation, using it to spread a variety of malware to computer and mobile phone users, and even want to steal credit card information. Last month, Microsoft patched the Windows backup service vulnerability CVE-2023-21752, and now it is reported that hackers are analyzing the proof-of-concept code and intend to use the vulnerability for attack operations.
