Zope Web Application Server Other Vulnerability (CVE-2012-5486)

Description

ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character.

Remediation

References

CVE-2012-5486

Related Vulnerabilities

WebLogic Uncontrolled Resource Consumption Vulnerability (CVE-2022-24839)

PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-5682)

WordPress Plugin FireStats Cross-Site Scripting (1.6.4)

Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-40898)

GlassFish Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-1000028)

Severity

Medium

Classification

CVE-2012-5486

Description

Remediation

References

Related Vulnerabilities

Severity

Classification

Tags

Take action and discover your vulnerabilities