CRLF injection vulnerability in the drupal_goto function in includes/common.inc Drupal 4.7.x before 4.7.8 and 5.x before 5.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2007-10-19T23:00:00
Updated: 2024-08-07T15:39:13.298Z
Reserved: 2007-10-19T00:00:00
Link: CVE-2007-5595
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2007-10-19T23:17:00.000
Modified: 2018-10-26T14:13:00.390
Link: CVE-2007-5595
Redhat
No data.