Impact
Python‑Multipart parses HTTP request bodies. Before version 0.0.30 its application/x‑www‑form‑urlencoded parser treats the semicolon (";") as a field separator in addition to the ampersand ("&"). The WHATWG URL standard, and common library implementations that follow it (Python's own urllib.parse.parse_qs now splits only on the ampersand), recognise the ampersand alone. As a result the same body bytes are tokenised into different fields by the library than by a standards‑conformant intermediary such as a reverse proxy or web application firewall: a body that the intermediary sees as one field ("a=1;b=2" is a single field "a" with the value "1;b=2") becomes two fields, "a" and "b", once it reaches the application. An attacker can use this to introduce form fields that front‑end inspection never sees, potentially undermining validation, authentication or authorisation logic that relies on the parsed fields.
Affected Systems
The flaw exists in all releases of Kludex's python‑multipart earlier than 0.0.30. Applications that use this library to parse request bodies are affected, in particular those that parse application/x‑www‑form‑urlencoded bodies, since the defect lies in how urlencoded fields are separated. The issue was fixed in release 0.0.30, which stops treating the semicolon as a field separator.
Risk and Exploitability
The CVSS base score of 3.7 falls in the Low severity band. No EPSS score is currently available, so the likelihood of exploitation has not been quantified. The vulnerability is not listed in the CISA KEV catalog. An attacker needs only to send a crafted HTTP request whose encoded body separates fields with semicolons; the application behind the intermediary then parses the smuggled fields as distinct parameters. No local access or code execution is required, so the attack vector is network. The direct damage is limited to the injection of hidden parameters, but that can be enough to subvert controls such as WAF rules, proxy‑side allow‑lists or parameter validation that tokenise the body differently from the application. Until the upgrade is in place, rejecting bodies that contain an unencoded semicolon, or parsing with ampersand‑only splitting, removes the discrepancy.
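The discrepancy described in the Impact and Risk sections, as an added example. This is illustrative code written for this page, not python‑multipart's own implementation: the "&;" separator set is a model of the pre‑0.0.30 behaviour, the sample body is constructed, and the blocked‑field policy and the function names are hypothetical. The example shows the same body tokenised both ways, the field that slips past an ampersand‑only inspection, that a percent‑encoded semicolon is not a separator under either rule, and a consistency check an application can apply until it upgrades.

```python
"""Model of the semicolon-separator discrepancy (added example, not library code)."""
import re
from urllib.parse import unquote_plus

# "&" is what the WHATWG URL standard and standards-following intermediaries use.
# "&;" models the pre-0.0.30 python-multipart behaviour (a model, not the library's code).
COMPLIANT_SEPARATORS = "&"
LEGACY_SEPARATORS = "&;"

# Constructed sample body, not taken from any real request.
SAMPLE_BODY = "username=alice;role=admin&comment=hello"

# Field names a hypothetical front-end policy is supposed to block.
BLOCKED_FIELDS = {"role", "is_admin"}


def parse_form_urlencoded(body: str, separators: str = COMPLIANT_SEPARATORS) -> list:
    """Tokenise an application/x-www-form-urlencoded body into (name, value) pairs.

    Splitting happens on the raw text before percent-decoding, so "%3B" inside a
    value is never a separator under either separator set.
    """
    pairs = []
    for chunk in re.split("[" + re.escape(separators) + "]", body):
        if not chunk:
            continue
        name, _, value = chunk.partition("=")
        pairs.append((unquote_plus(name), unquote_plus(value)))
    return pairs


def intermediary_allows(body: str) -> bool:
    """Model of a proxy/WAF check that tokenises with '&' only and blocks listed names."""
    names = {name for name, _ in parse_form_urlencoded(body, COMPLIANT_SEPARATORS)}
    return names.isdisjoint(BLOCKED_FIELDS)


def backend_fields(body: str) -> dict:
    """The fields a pre-0.0.30 backend ends up with for the same body."""
    return dict(parse_form_urlencoded(body, LEGACY_SEPARATORS))


def smuggled_field_names(body: str) -> list:
    """Field names the legacy backend sees that the compliant intermediary does not."""
    front = {name for name, _ in parse_form_urlencoded(body, COMPLIANT_SEPARATORS)}
    back = {name for name, _ in parse_form_urlencoded(body, LEGACY_SEPARATORS)}
    return sorted(back - front)


def tokenisation_is_consistent(body: str) -> bool:
    """Defensive check for an application that cannot upgrade yet: refuse any body
    that the two separator rules would split differently."""
    return (parse_form_urlencoded(body, COMPLIANT_SEPARATORS)
            == parse_form_urlencoded(body, LEGACY_SEPARATORS))


if __name__ == "__main__":
    print("intermediary allows:", intermediary_allows(SAMPLE_BODY))
    print("backend sees:", backend_fields(SAMPLE_BODY))
    print("smuggled:", smuggled_field_names(SAMPLE_BODY))
    print("consistent:", tokenisation_is_consistent(SAMPLE_BODY))
```

Running the block on the constructed body shows the intermediary passing it (it sees only "username" and "comment") while the backend receives "role=admin" as a separate field; tokenisation_is_consistent is the check to apply at the application boundary if the upgrade to 0.0.30 cannot be deployed immediately.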
OpenCVE Enrichment
Github GHSA