Security Advisory

CVE-2006-6965

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-01-29 17:00:00

Last updated 2024-08-07 20:50:06

Assigner mitre

State PUBLISHED

Description

CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged for XSS attacks.

← Browse all CVEs View on cve.org ↗