Possible Log Injection in Rack::CommonLogger
Summary Rack::CommonLogger can be exploited by crafting input that includes newline characters to manipulate log entries. The supplied proof-of-concept demonstrates injecting malicious content into logs. Details When a user provides the authorization credentials via Rack::Auth::Basic, if success,...