cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts.
CPE | Name | Operator | Version |
---|---|---|---|
cpp-httplib | le | 0.5.8 |