A newly disclosed vulnerability in theOWASP Core RuleSet (CRS)allows attackers to bypass charset validation in web application firewalls (WAFs), enabling dangerous payloads to reach backend applications. Tracked asCVE-2026-21876, the flaw affects CRS rule922110and can expose applications tocross-site scripting (XSS)and other encoding-based attacks. Administrators are strongly advised to upgradeimmediatelyand review historical logs for suspicious multipart requests […] The post OWASP CRS Vulnerability Enables Charset Validation Bypass appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/owasp-crs-vulnerability/
