7.1 High
AI Score
Confidence
High
tornado is vulnerable to CRLF Injection. The vulnerability is due to improper CR/LF checks allowing for the inclusion of attacker-controlled header values in requests, which allows arbitrary headers or requests to be sent to a specified server.