Description

CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the text parameter.

Remediation

References

CVE-2004-1584

Related Vulnerabilities

WordPress Plugin Ultimate TinyMCE 'swfupload.swf' Cross-Site Scripting (3.5)

Nginx Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9516)

Oracle HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2022-25313)

WordPress Plugin WP OAuth Server (OAuth Authentication) Security Bypass (3.1.4)

WordPress Plugin CTA for WordPress-Easy Side Tab includes Backdoor [Only if downloaded via the vendor website] (1.0.7)

Severity

Medium

Classification

CVE-2004-1584

Tags

Missing Update Known Vulnerabilities