2 matches found
CVE-2020-4706
IBM API Connect (5.0.0.0–5.0.8.10) is affected by CVE-2020-4706, an HTTP Host header injection vulnerability caused by insufficient validation of input in the HOST header. A remote attacker could craft a request to inject the HOST header, enabling cross-site scripting, cache poisoning, or session...
Security Bulletin: IBM API Connect on cloud is impacted by HTTP header injection vulnerability (CVE-2020-4706)
Summary IBM API Connect on cloud V5 has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2020-4706 DESCRIPTION: IBM API Connect is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a...