exploitDog

GHSA-gxxq-44xj-mgmq

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allows remote attackers to inject arbitrary HTTP headers, and conduct cross-site scripting (XSS) or HTTP response splitting attacks, via CRLF sequences in an unspecified web form.

CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allows remote attackers to inject arbitrary HTTP headers, and conduct cross-site scripting (XSS) or HTTP response splitting attacks, via CRLF sequences in an unspecified web form.

Ссылки

EPSS

Процентиль: 57%

0.00357

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2009-1591

nvd

почти 17 лет назад

CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allows remote attackers to inject arbitrary HTTP headers, and conduct cross-site scripting (XSS) or HTTP response splitting attacks, via CRLF sequences in an unspecified web form.

EPSS

Процентиль: 57%

0.00357

Низкий

CVE ID

Дефекты

CWE-79