Description
The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object.
Remediation
References
Related Vulnerabilities
WordPress Plugin Newsletters Unspecified Vulnerability (4.5.5.2)
WordPress Plugin Pinterest Badge Cross-Site Scripting (1.9.0)
Python Integer Overflow or Wraparound Vulnerability (CVE-2008-3143)
Microsoft SQL Server CVE-2023-36417 Vulnerability (CVE-2023-36417)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-25703)