“ParseThru” – Exploiting HTTP Parameter Smuggling in Golang - (Updated October 10, 2022)
Oxeye’s security research team has found a security vulnerability in Golang-based applications. Under certain conditions, it lets a threat actor bypass validations based on HTTP request parameters due to the use of unsafe URL parsing.