EIP-2026-106972
PRE-CVEExpressionEngine 1.2.1 - HTTP Response Splitting / Cross-Site Scripting
Title source: legacyDescription
ExpressionEngine 1.2.1 - HTTP Response Splitting / Cross-Site Scripting
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by MustLive · textwebappsphp
https://www.exploit-db.com/exploits/30983
Details
Status
pre_cve
Tracked Since
Feb 18, 2026