CVE-2022-32221: POST following PUT confusion