CVE-2018-1943
IBM Cloud Private is vulnerable to HTTP HOST header injection (CVE-2018-1943) in version 3.1.0 and 3.1.1 due to improper input validation. By enticing a user to a crafted page, an attacker could inject arbitrary HTTP headers, enabling cross-site scripting, cache poisoning, or session hijacking. R...