Description
CRLF injection vulnerability in Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Remediation
References
Related Vulnerabilities
Elgg Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-3964)
WordPress Plugin Spectra-WordPress Gutenberg Blocks Security Bypass (1.14.7)
WordPress Plugin cformsII Multiple Cross-Site Scripting Vulnerabilities (14.13.2)
WordPress Plugin Ninja Announcements Lite 'ninja_annc.php' SQL Injection (1.2.3)
WordPress Plugin Language Bar Flags Cross-Site Request Forgery (1.0.8)