Description
In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.
Remediation
References
Related Vulnerabilities
WordPress Plugin CM Ad Changer Cross-Site Scripting (1.7.7)
WordPress Plugin Two Way CHAT-Send or receive messages to your user Multiple Vulnerabilities (3.1.4)
MediaWiki Improper Input Validation Vulnerability (CVE-2014-5243)
WordPress Plugin GiveWP-Donation and Fundraising Platform SQL Injection (2.5.0)