An improper neutralization of CRLF sequences in HTTP headers (‘HTTP Response Splitting’) vulnerability [CWE-113] in FortiOS and FortiProxy may allow an authenticated and remote attacker to inject arbitrary headers.
CPE | Name | Operator | Version |
---|---|---|---|
fortiproxy | eq | 7.2.1 | |
fortiproxy | eq | 7.2.0 | |
fortiproxy | eq | 7.0.7 | |
fortiproxy | eq | 7.0.6 | |
fortiproxy | eq | 7.0.5 | |
fortiproxy | eq | 7.0.4 | |
fortiproxy | eq | 7.0.3 | |
fortiproxy | eq | 7.0.2 | |
fortiproxy | eq | 7.0.1 | |
fortiproxy | eq | 7.0.0 |