CVE-2008-6121

Publication date

2009-02-11 17:25:00

Family

mitre

State

PUBLISHED

Description

CRLF injection vulnerability in SocialEngine (SE) 2.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the PHPSESSID cookie.