Vulnerabilities > CVE-2021-20784 - Improper Neutralization of HTTP Headers for Scripting Syntax vulnerability in Voidtools Everything

047910
CVSS 6.1 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
voidtools
CWE-644

Summary

HTTP header injection vulnerability in Everything version 1.0, 1.1, and 1.2 except the Lite version may allow a remote attacker to inject an arbitrary script or alter the website that uses the product.