Vulnerabilities > Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-10-19 | CVE-2007-5595 | Http Response Splitting vulnerability in Drupal CRLF injection vulnerability in the drupal_goto function in includes/common.inc Drupal 4.7.x before 4.7.8 and 5.x before 5.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. | 5.1 |