Description

CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the text parameter.

Remediation

References

CVE-2004-1584

Related Vulnerabilities

Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.18)

WordPress Plugin YaySMTP-Simple WP SMTP Mail Cross-Site Scripting (2.4.5)

Moodle Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9187)

Oracle Database Server Other Vulnerability (CVE-2001-1041)

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2018-2628)

Severity

Medium

Classification

CVE-2004-1584

Tags

Missing Update Known Vulnerabilities