This is incredible and it looks like it could affect massive numbers of sites - unfortunately the article doesn't summarise the problem very well.<p>The vector is subtle differences in HTTP header parsing between your front end (reverse proxy, load balancer etc) and your back end (web server).<p>"New Relic deployed a hotfix and diagnosed the root cause as a weakness in an F5 gateway. As far as I'm aware there's no patch available, meaning this is still a zeroday at the time of writing.".<p>Edit: other major companies he revealed were affected were: PayPal, Trello, Redhat.