A newly disclosed security vulnerability in ModSecurity, one of the most widely deployed web application firewalls, could allow attackers to crash protected web applications through carefully crafted XML requests containing empty tags.
The vulnerability, tracked as GHSA-gw9c-4wfm-vj3x, affects mod_security2 versions 2.9.8 and later when...