CRLF injection vulnerability in OXID eShop Professional Edition before 4.7.11 and 4.8.x before 4.8.4, Enterprise Edition before 5.0.11 and 5.1.x before 5.1.4, and Community Edition before 4.7.11 and 4.8.x before 4.8.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-01-18T14:00:00
Updated: 2024-08-06T09:58:16.280Z
Reserved: 2014-02-17T00:00:00
Link: CVE-2014-2017
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-01-18T14:29:00.227
Modified: 2018-02-06T17:28:57.800
Link: CVE-2014-2017
Redhat
No data.