Hello, We received in error in our application after we have upgraded to 8.5.34
INFO: Error parsing HTTP request header Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level. java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986 The URI we have for this problem has the following param (did work with 8.5.28) defaultMessageType=true&locale=en_US&action=[key:label.edit] The issue is the action parameter value. Could someone help me understand the following? 1) Since the issue didn't happen for 8.5.28 - this means some CVE has triggered this change to be in place. I am just trying to confirm if this is CVE-2016-681 ? If not, could you please let me know which one that is? 2) Apart from refactoring code, is there any recommended corrective action? Thanks,