HTTP Header Injection

2017-11-2000:42:42

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

31.8%

CodeIgniter framework is vulnerable to HTTP header injection attacks. These attacks are possible through the set_status_header function.

CPENameOperatorVersion
bcit-ci/codeigniterle3.1.3
codeigniter/frameworkle3.1.3

CPE	Name	Operator	Version
	bcit-ci/codeigniter	le	3.1.3
	codeigniter/framework	le	3.1.3

References

github.com/bcit-ci/CodeIgniter/commit/df33ec2e45356895c5aec0a1ebfc325c2af4f74a

www.codeigniter.com/userguide3/changelog.html#version-3-1-4

0.001 Low

EPSS

Percentile

31.8%

Related for VERACODE:5456