Perl Dancer.pm CVE-2012-5572 HTTP Header Injection Vulnerability

Perl Dancer.pm is prone to a vulnerability that allows attackers to inject arbitrary HTTP headers because it fails to sufficiently sanitize input.

An attacker may exploit this issue to inject arbitrary HTTP headers into a server response.

By inserting arbitrary headers into an HTTP response, attackers may be able to launch various cross-site request forgery, cross-site scripting, and HTTP-request smuggling attacks.


 

Privacy Statement
Copyright 2010, SecurityFocus