Hono Vulnerable to SSE Control Field Injection via CR/LF in writeSSE()

Summary When using streamSSE in Streaming Helper, the event, id, and retry fields were not validated for carriage return \r or newline \n characters. Because the SSE protocol uses line breaks as field delimiters, this could allow injection of additional SSE fields within the same event frame if...