h2o -- directory traversal vulnerability

2016-01-13T00:00:00
ID 6C808811-BB9A-11E5-A65C-485D605F4717
Type freebsd
Reporter FreeBSD
Modified 2016-01-13T00:00:00

Description

Yakuzo OKU reports:

When redirect directive is used, this flaw allows a remote attacker to inject response headers into an HTTP redirect response.