http-response-splitting
http-response-splitting
Older Java application servers are vulnerable to HTTP response splitting, which may occur if an HTTP request can be injected with CRLF characters. This finding is reported for completeness; it is recommended to ensure your environment is not affected by testing this yourself.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers (‘HTTP Request/Response Splitting’)
OWASP:
- A03:2021 - Injection
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers (‘HTTP Request/Response Splitting’)
OWASP:
- A03:2021 - Injection