Azure Front Door client-side desync

A client-side desync vulnerability was discovered in Front Door, one of Azure's CDN solutions,
caused by mishandling of the 'Content-Length' header in HTTP requests. Exploiting this vulnerability
would most likely require user interaction through social engineering (such as clicking on a malicious
link), but could allow an attacker to steal session cookies or forge responses to victim requests.

attacker azure azure front door cdn clicking client client-side cookies door engineering exploiting forge header http http requests length link malicious malicious link requests session social social engineering solutions steal vulnerability