Unrated severityNVD Advisory· Published Jan 3, 2023· Updated Oct 22, 2024
CVE-2022-42471
CVE-2022-42471
Description
An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability [CWE-113] In FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.4.0 through 6.4.2, FortiWeb version 6.3.6 through 6.3.20 may allow an authenticated and remote attacker to inject arbitrary headers.
Affected products
2Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.