Oracle WebCenter Sites CVE-2013-1509 HTTP Header Injection Vulnerability
Oracle WebCenter Sites is prone to an HTTP-header-injection vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this issue to inject arbitrary HTTP headers into a server response and which may help in launching cross-site request-forgery, cross-site scripting, HTTP-request-smuggling, and other attacks.
This vulnerability affects the following supported versions:
7.6.2, 220.127.116.11.0, 18.104.22.168.1