Unrated severityNVD Advisory· Published May 28, 2008· Updated Jun 16, 2026
CVE-2008-2497
CVE-2008-2497
Description
CRLF injection vulnerability in Mambo before 4.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Affected products
2cpe:2.3:a:mambo-foundation:mambo:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mambo-foundation:mambo:*:*:*:*:*:*:*:*range: <=4.6.4
- (no CPE)range: <4.6.4
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.