Description
CRLF injection vulnerability in actionpack/lib/action_controller/response.rb in Ruby on Rails 2.3.x before 2.3.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the Content-Type header.
Remediation
References
Related Vulnerabilities
WordPress Plugin Augmented reality Unspecified Vulnerability (1.2.0)
WordPress Plugin Ajax BootModal Login Security Bypass (1.4.3)
WordPress Plugin Modern Events Calendar Lite Cross-Site Scripting (5.22.1)
WordPress Plugin bbPress Cross-Site Scripting (2.5.8)
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Cross-Site Scripting (5.6.0.2)