CRLF Injection Vulnerability in WebCalendar's login.php Allows HTTP Response Splitting Attacks
CVE-2004-1507 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:P/A:N
CRLF injection vulnerability in login.php in WebCalendar allows remote attackers to inject CRLF sequences via the return_path parameter and perform HTTP Response Splitting attacks to modify expected HTML content from the server.
Learn more about our Web App Pen Testing.