Some people prioritize setting up a site and making logos rather than working with the community to address the issues using what we often refer to as "responsible disclosure".
(it's some ad for a talk coming in a few weeks which they insist will reveal something bad about HTTP/1)
Follow
@bagder I'm assuming this is limited to situations where front-end talk to back-end servers which allows an attacker to insert unauthorized HTTP requests after first sending a malformed HTTP request.
Apparently it affects companies using a certain CDN as well.
https://portswigger.net/research/talks?talkId=32
