Description
CRLF injection vulnerability in the tornado.web.RequestHandler.set_header function in Tornado before 2.2.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input.
Remediation
References
Related Vulnerabilities
WordPress Plugin SEO Redirection-301 Redirect Manager SQL Injection (8.1)
WordPress Plugin WP Symposium Arbitrary File Upload (14.11)
Django Improper Input Validation Vulnerability (CVE-2012-3443)
Oracle JRE CVE-2022-21341 Vulnerability (CVE-2022-21341)
MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-0788)