Description
The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object.
Remediation
References
Related Vulnerabilities
Java Multiple Vulnerabilities (CVE-2018-13785)
WordPress Plugin Lazyest Gallery 'image' Parameter Cross-Site Scripting (1.0.28)
WordPress Other Vulnerability (CVE-2007-1599)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-6104)
WordPress Plugin Sliding Recent Posts Cross-Site Request Forgery (1.0)