HTTP Header Injection

Severity: Medium
Summary

Invicti identified a CRLF (new line) HTTP header injection.

This means the input goes into HTTP headers without proper input filtering.

Impact
Depending on the application, an attacker might carry out the following types of attacks:
  • Cross-site scripting attack, which can lead to session hijacking
  • Session fixation attack by setting a new cookie, which can also lead to session hijacking
Actions To Take
  1. See the Remediation section for the solution.
  2. Ensure the server security patches are up to date and that the current stable version of the software is in use.
Remediation
Do not allow newline characters in input. Where possible, use strict whitelisting.
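The two remediation layers above, shown as an added example that is not Invicti's code: a newline check for any header value, plus a strict allowlist for one field. The redirect scenario, the function names and the path policy are assumptions made for this illustration, and the sample value is constructed.

```python
import re
from urllib.parse import unquote

class HeaderInjectionError(ValueError):
    """Raised when a value is not safe to place in a response header."""

# Assumed policy for this example: the redirect target must be a local path
# built from a small character set, and must not start with "//".
SAFE_PATH = re.compile(r"/(?!/)[A-Za-z0-9._~/-]{0,200}")

def build_redirect_unsafe(target):
    # 'Before' form: the input is copied into the header block unchanged.
    return ("HTTP/1.1 302 Found\r\nLocation: %s\r\n\r\n" % target).encode("latin-1")

def check_header_value(value):
    # Baseline for any header: no CR, LF or other control characters.
    for ch in value:
        if (ord(ch) < 0x20 and ch != "\t") or ord(ch) == 0x7F:
            raise HeaderInjectionError("control character %r in header value" % ch)
    return value

def build_redirect_safe(target):
    # Layer 1: reject newlines. Layer 2: strict allowlist for this field.
    check_header_value(target)
    if not SAFE_PATH.fullmatch(target):
        raise HeaderInjectionError("redirect target not on the allowlist")
    return ("HTTP/1.1 302 Found\r\nLocation: %s\r\n\r\n" % target).encode("ascii")

def header_names(raw):
    # List header names as a client would see them in the response head.
    head = raw.split(b"\r\n\r\n", 1)[0]
    return [ln.split(b":", 1)[0].decode().lower() for ln in head.split(b"\r\n")[1:]]

# Constructed sample: a query value as it arrives on the wire. Frameworks
# percent-decode it first, so the check must run on the decoded string.
SAMPLE = unquote("/home%0d%0aSet-Cookie:%20session=constructed-value")

if __name__ == "__main__":
    print(header_names(build_redirect_unsafe(SAMPLE)))
    try:
        build_redirect_safe(SAMPLE)
    except HeaderInjectionError as exc:
        print("rejected:", exc)
    print(header_names(build_redirect_safe("/account/home")))
```

Running the check on the raw, still percent-encoded value would miss the CR/LF pair, which is why the sample is decoded before it is validated.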
Required Skills for Successful Exploitation
Crafting the attack to exploit this issue is not a complex process. However, most unsophisticated attackers will not know that such an attack is possible. Also, an attacker needs to reach the victim by e-mail or another similar method in order to entice them to visit the site or click on a URL.