CRLF INJECTION

Disclosed: 2021-04-10 12:30:07 By amannnnnnnnnnnnnnn To gsa_vdp
Low
Vulnerability Details
Vulnerable URL - https://www.epay.fas.gsa.gov/%0D%0ASet-Cookie:crlfinjection=crlfinjection

## Impact

An attacker can set a new header.
Report Stats
  • Report ID: 1038594
  • State: Closed
  • Substate: resolved
  • Upvotes: 32
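
A defensive check for the request shown in this report, added here as an example and not part of the original report or the affected site's code: it flags access-log entries whose request target decodes to a line break followed by a header name, and includes a guard that refuses CR/LF in any value copied into a response header. The log lines, the function names and the double-encoded variant are constructed for illustration.

```python
import re
from urllib.parse import unquote

# A header-like token directly after a decoded line break, e.g. "\r\nSet-Cookie:"
INJECTED_HEADER = re.compile(r"[\r\n]+([A-Za-z0-9-]+)\s*:")
# Common Log Format: client, ident, user, [time], "METHOD target PROTO"
LOG_LINE = re.compile(r'(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*"')

# Constructed sample log lines (hypothetical; 192.0.2.0/24 is a documentation range)
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:12:00:01 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.44 - - [01/Jan/2024:12:00:05 +0000] "GET /%0D%0ASet-Cookie:crlfinjection=crlfinjection HTTP/1.1" 200 0',
    '192.0.2.44 - - [01/Jan/2024:12:00:09 +0000] "GET /%250d%250aX-Test:1 HTTP/1.1" 200 0',
    '192.0.2.77 - - [01/Jan/2024:12:00:12 +0000] "GET /search?q=a%20b HTTP/1.1" 200 901',
]

def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so a double-encoded %250D%250A is caught too."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def find_crlf_injection(target):
    """Return (has_line_break, injected_header_names) for a request target."""
    decoded = decode_fully(target)
    has_break = "\r" in decoded or "\n" in decoded
    return has_break, INJECTED_HEADER.findall(decoded)

def scan_access_log(lines):
    """Return (client, target, header_names) for entries with CR/LF in the target."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        client, target = m.groups()
        has_break, headers = find_crlf_injection(target)
        if has_break:
            hits.append((client, target, headers))
    return hits

def safe_header_value(value):
    """Mitigation: never emit a response header value containing CR or LF."""
    if "\r" in value or "\n" in value:
        raise ValueError("line break in header value")
    return value
```
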