CVE-2014-1956

FortiGuard FortiWeb <5.0.3 - HTTP Response Splitting

Title source: llm
STIX 2.1

Description

CRLF injection vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.fortiguard.com/advisory/FG-IR-13-009/

Scores

EPSS 0.0022
EPSS Percentile 44.9%

Details

Status published
Products (1)
fortinet/fortiweb < 5.0.2
Published Apr 30, 2014
Tracked Since Feb 18, 2026