CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer prior to 1.3114 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cookie name, a different vulnerability than CVE-2012-5526.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
dancer dancer |
||
dancer dancer 1.3111_01 |
||
dancer dancer 1.3071 |
||
dancer dancer 1.150 |
||
dancer dancer 1.3111 |
||
dancer dancer 1.3110 |
||
dancer dancer 1.3079_5 |
||
dancer dancer 1.3079_3 |
||
dancer dancer 1.3112 |
||
dancer dancer 1.3060 |
Vulmon