Описание
HTTP header injection vulnerability in i-FILTER Ver.9.50R05 and earlier may allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks that may result in an arbitrary script injection or setting an arbitrary cookie values via unspecified vectors.
Ссылки
- Permissions RequiredVendor Advisory
- Third Party Advisory
- Permissions RequiredVendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 9.50r05 (включая)
cpe:2.3:a:daj:i-filter:*:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.00272
Низкий
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-113
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
HTTP header injection vulnerability in i-FILTER Ver.9.50R05 and earlier may allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks that may result in an arbitrary script injection or setting an arbitrary cookie values via unspecified vectors.
EPSS
Процентиль: 50%
0.00272
Низкий
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-113