cve/CVE-2016-9964.md at 080c77ded0654f051cb1bc3976c3cd169cb797da

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

622 B

Raw Blame History

CVE-2016-9964

Description

redirect() in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect("233\r\nSet-Cookie: name=salt") call.

622 B

Raw Blame History

CVE-2016-9964

Description

POC

Reference

Github

622 B Raw Blame History

CVE-2016-9964

Description

POC

Reference

Github

622 B

Raw Blame History