Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:50 a.m.12 views

CVE-2022-42471

An improper neutralization of CRLF sequences in HTTP headers 'HTTP Response Splitting' vulnerability CWE-113 In FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.4.0 through 6.4.2, FortiWeb version 6.3.6 through 6.3.20 may allow an authenticated and remote attacker to inject arbitrary...

5.4CVSS6.9AI score0.00463EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/10/26 12:0 a.m.10 views

Fortinet FortiWeb API (FG-IR-22-250)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-250 advisory. - An improper neutralization of CRLF sequences in HTTP headers 'HTTP Response Splitting' vulnerability CWE-113 In FortiWeb...

5.4CVSS6AI score0.00463EPSS
Exploits0References2
OSV
OSV
added 2023/01/03 5:15 p.m.3 views

CVE-2022-42471

An improper neutralization of CRLF sequences in HTTP headers 'HTTP Response Splitting' vulnerability CWE-113 In FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.4.0 through 6.4.2, FortiWeb version 6.3.6 through 6.3.20 may allow an authenticated and remote attacker to inject arbitrary...

5.4CVSS5.9AI score0.00463EPSS
Exploits0References1
CVE
CVE
added 2023/01/03 4:58 p.m.56 views

CVE-2022-42471

FortiWeb is affected by CVE-2022-42471 due to improper neutralization of CRLF sequences in HTTP headers (HTTP Response Splitting). The issue affects FortiWeb versions 7.0.0–7.0.2, 6.4.0–6.4.2, and 6.3.6–6.3.20, allowing an authenticated, remote attacker to inject arbitrary headers. Root cause: im...

5.4CVSS5.6AI score0.00463EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/01/03 4:58 p.m.22 views

CVE-2022-42471

An improper neutralization of CRLF sequences in HTTP headers 'HTTP Response Splitting' vulnerability CWE-113 In FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.4.0 through 6.4.2, FortiWeb version 6.3.6 through 6.3.20 may allow an authenticated and remote attacker to inject arbitrary...

5.4CVSS5.8AI score0.00463EPSS
Exploits0References1
Rows per page
Query Builder