Oracle WebCenter Sites CVE-2013-1509 HTTP Header Injection Vulnerability
Oracle WebCenter Sites is prone to an HTTP-header-injection vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this issue to inject arbitrary HTTP headers into a server response and which may help in launching cross-site request-forgery, cross-site scripting, HTTP-request-smuggling, and other attacks.
This vulnerability affects the following supported versions:
7.6.2, 184.108.40.206.0, 220.127.116.11.1