CRLF injection
Medium
Vulnerability Details
Hello twiiter security team,
on the domain ads.twitter.com http response splitting is vulnerability.
PoC:
https://ads.twitter.com/subscriptions/mobile/landing?ref=gl-tw-tw-promote-mode?t=%0d%0atest:tested
## Impact
an attacker can set new header
Actions
View on HackerOneReport Stats
- Report ID: 446271
- State: Closed
- Substate: resolved
- Upvotes: 430