CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL to the redirect_to function.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-11-21T11:00:00
Updated: 2009-03-03T10:00:00
Reserved: 2008-11-20T00:00:00
Link: CVE-2008-5189
JSON object: View
NVD Information
Status : Analyzed
Published: 2008-11-21T12:00:00.187
Modified: 2019-08-08T14:43:53.293
Link: CVE-2008-5189
JSON object: View
Redhat Information
No data.
CWE