CVE-2015-5285

2015-10-29T16:59:04
ID CVE-2015-5285
Type cve
Reporter NVD
Modified 2015-10-30T16:00:12

Description

CRLF injection vulnerability in Kallithea before 0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the came_from parameter to _admin/login.