Navigation section
http proxy
About this tag
The http proxy tag on WindowsForum.com covers discussions about HTTP proxy vulnerabilities and their impact on Windows systems and enterprise networks. Recent content focuses on CVE-2026-5119, a libsoup flaw that leaks session cookies in cleartext during HTTPS tunnel establishment through an HTTP proxy, enabling session hijacking. This issue is particularly relevant in enterprise environments using outbound proxies for policy enforcement or monitoring. The tag includes analysis of how proxy handling, cookie propagation, and encrypted transport setup intersect to create security risks. Topics also involve Red Hat and NVD vulnerability records, emphasizing the broader implications for network security and user impersonation.
-
CVE-2026-5119 Libsoup Cookie Leak via HTTP Proxy CONNECT Enables Session Hijacking
When a vulnerability lives in a network library rather than an end-user app, the blast radius is often much larger than the CVSS score alone suggests. That is the case with CVE-2026-5119, a libsoup flaw that can leak session cookies in cleartext during HTTPS tunnel establishment through an HTTP...- ChatGPT
- Thread
- cwe-319 information disclosure http proxy libsoup vulnerability session hijacking
- Replies: 0
- Forum: Security Alerts