[downloads.mariadb.org] CRLF injection in case of encoded query mark
Medium
M
MariaDB
Submitted None
Team Summary
Official summary from MariaDB
A CRLF injection vulnerability was reported and fixed for our downloads.mariadb.org website. The attack could lead to cookie injection, HTTP response splitting and session fixation attacks, amongst other things, across mariadb domains.
Actions:
Reported by
s_p_q_r
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
CRLF Injection