HTTP Response Splitting(CRLF injection) in bi.owox.com
O
OWOX, Inc.
Submitted None
Actions:
Reported by
quistertow
Vulnerability Details
Technical details and impact analysis
Hello,
I found a CRLF injection vulnerability in bi.owox.com
> More about HTTP response splitting https://www.owasp.org/index.php/Testing_for_HTTP_Splitting/Smuggling_(OTG-INPVAL-016)
**POC (Burp)** > Adding a new header with ```%0d%0a```
{F122461}
Regards,
Florin
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Command Injection - Generic