Oracle WebCenter Sites CVE-2013-1509 HTTP Header Injection Vulnerability
Oracle WebCenter Sites is prone to an HTTP-header-injection vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this issue to inject arbitrary HTTP headers into a server response and which may help in launching cross-site request-forgery, cross-site scripting, HTTP-request-smuggling, and other attacks.
This vulnerability affects the following supported versions:
7.6.2, 22.214.171.124.0, 126.96.36.199.1