Description

CRLF injection vulnerability in Squid before 3.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted header in a response.

Remediation

References

CVE-2015-0881

Related Vulnerabilities

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4421)

WordPress Plugin Like Button Rating-LikeBtn Security Bypass (2.5.3)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5264)

SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-0558)

WordPress Plugin Easy Accept Payments for PayPal Cross-Site Scripting (4.9.9)

Severity

Medium

Classification

CVE-2015-0881

Tags

Missing Update Known Vulnerabilities