{"vulnerability": "CVE-2020-4706", "sightings": [{"uuid": "38e85d64-20fa-42de-a94f-d5afd3ac6d31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-4706", "type": "seen", "source": "https://t.me/cibsecurity/27425", "content": "\u203c CVE-2020-4706 \u203c\n\nIBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inject HTTP HOST header, which will allow the attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 187194.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-17T18:15:46.000000Z"}]}