| Details | |
|---|---|
| Alert Id | 40003 |
| Alert Type | Active |
| Status | release |
| Risk | Medium |
| CWE | 113 |
| WASC | 25 |
| Technologies Targeted | All |
| Tags |
OWASP_2017_A01 OWASP_2021_A03 WSTG-V42-INPV-15 |
Summary
Cookie can be set via CRLF injection. It may also be possible to set arbitrary HTTP response headers. In addition, by carefully crafting the injected response using cross-site script, cache poisoning vulnerability may also exist.
Solution
Type check the submitted parameter carefully. Do not allow CRLF to be injected by filtering CRLF.Other Info
References
- http://www.watchfire.com/resources/HTTPResponseSplitting.pdf
- http://webappfirewall.com/lib/crlf-injection.txtnull
- http://www.securityfocus.com/bid/9804