CVE-2016-1155
The CVE-2016-1155 entry concerns an HTTP header injection vulnerability in the URLConnection class across Android OS versions 2.2–6.0. The root cause is HTTP header injection that enables a remote attacker to execute arbitrary scripts or set arbitrary values in cookies. Public references in the c...