Description
CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL to the redirect_to function.
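The header-splitting effect described above, next to a CR/LF check that blocks it, as an added Ruby example. It is not Rails source code or the project's fix; the function names, the `X-Injected` header and the sample targets are constructed for illustration.

```ruby
# Added illustration; not Rails source code. All names here are hypothetical.

# Unsafe form: the target is copied into the Location header without
# checking for line terminators.
def naive_redirect(target)
  "HTTP/1.1 302 Found\r\nLocation: #{target}\r\n\r\n"
end

# Raised when a header value would break out of its header line.
class UnsafeHeaderValue < ArgumentError; end

# Hardened form: refuse any value containing CR or LF before it reaches
# the header block.
def safe_redirect(target)
  value = target.to_s
  if value.match?(/[\r\n]/)
    raise UnsafeHeaderValue, "line terminator in redirect target"
  end
  "HTTP/1.1 302 Found\r\nLocation: #{value}\r\n\r\n"
end

# Returns the header names a client would parse from a raw response head.
def header_names(raw)
  head = raw.split("\r\n\r\n", 2).first
  head.split("\r\n").drop(1).map { |line| line.split(":", 2).first }
end

# Constructed sample inputs: one ordinary target, one carrying an embedded CRLF.
BENIGN  = "/home?tab=profile"
CRAFTED = "/home\r\nX-Injected: 1"

if __FILE__ == $PROGRAM_NAME
  p header_names(naive_redirect(BENIGN))
  p header_names(naive_redirect(CRAFTED))
  begin
    safe_redirect(CRAFTED)
  rescue UnsafeHeaderValue => e
    puts "rejected: #{e.message}"
  end
end
```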
Remediation
References