CVE-2007-5595

2007-10-19T23:17:00
ID CVE-2007-5595
Type cve
Reporter cve@mitre.org
Modified 2018-10-26T14:13:00

Description

CRLF injection vulnerability in the drupal_goto function in includes/common.inc Drupal 4.7.x before 4.7.8 and 5.x before 5.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.