CVE-2018-1319

Summary

In Apache Allura prior to 1.8.1, attackers may craft URLs that cause HTTP response splitting. If a victim goes to a maliciously crafted URL, unwanted results may occur including XSS or service denial for the victim's browsing session.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache Alluraprior to 1.8.1affected

Weaknesses

  • HTTP response splitting

ADP Enrichment

CVE Program Container

Additional References

References