Apsis · Apsis Pound · CVE-2016-10711
**Name of the Vulnerable Software and Affected Versions**
Apsis Pound versions prior to 2.8a
**Description**
The issue is related to deficiencies in handling HTTP requests, which can be exploited by a remote attacker to send a hidden HTTP request, known as an HTTP Request Smuggling attack, using specially crafted headers.
**Recommendations**
For versions prior to 2.8a, update to version 2.8a or later to resolve the issue. As a temporary workaround, consider restricting access to the proxy server to minimize the risk of exploitation.