CRLF Injection Vulnerability in WebCalendar 1.0.1 Allows HTTP Response Splitting Attacks

CRLF Injection Vulnerability in WebCalendar 1.0.1 Allows HTTP Response Splitting Attacks

CVE-2005-3982 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

CRLF injection vulnerability in layers_toggle.php in WebCalendar 1.0.1 might allow remote attackers to modify HTTP headers and conduct HTTP response splitting attacks via the ret parameter, which is used to redirect URL requests.

Learn more about our Web App Pen Testing.