CVE-2025-13803

MediaCrush 1.0.0/1.0.1 contains a vulnerability in the Header Handler component (unknown function in /mediacrush/paths.py) where manipulation of the Host argument leads to improper neutralization of HTTP headers for scripting syntax. The issue can be triggered remotely. CVSS scores vary by versio...

EUVD-2018-13506

Malware in sbrugna...

CVE-2022-34316

IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. IBM X-Force ID: 229452...

GHSA-5C4W-8HHH-3C3H Hashicorp Consul Improper Neutralization of HTTP Headers for Scripting Syntax vulnerability

A vulnerability was identified in Consul and Consul Enterprise "Consul" such that using Headers in L7 traffic intentions could bypass HTTP header based access rules...

CVE-2022-34316 IBM CICS TX information disclosure

IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. IBM X-Force ID: 229452...

Input validation

Improper neutralization of HTTP request headers for scripting syntax vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to obtain sensitive...

CVE-2021-20844

CVE-2021-20844 affects Yamaha routers (RTX830, NVR510, NVR700W, RTX1210) via improper neutralization of HTTP request headers in the Web GUI, allowing a remote authenticated attacker to obtain sensitive information through a crafted page. Affected firmware versions are RTX830 <=15.02.17, NVR510...

Improper Neutralization of HTTP Headers for Scripting Syntax

HTTP header injection vulnerability in the http package...