- Home
- CVEs with nessus.description==The IBM WebSphere Application Server running on the remote host is version 7.0 prior to 7.0.0.43, 8.0 prior to 8.0.0.13, 8.5 prior to 8.5.5.10, or 16.0 (Liberty) prior to 16.0.0.2. It is, therefore, affected by an HTTP response splitting vulnerability due to a failure to properly sanitize CRLF character sequences before user-supplied input is included in HTTP responses. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a specially crafted URL link, to inject arbitrary HTTP headers.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top