2020-04-12 13:30:29
mitre
PUBLISHED
cpp-httplib through 0.5.8 does not filter rn in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts.