CRLF Injection Vulnerability in Open-Xchange AppSuite and Server

CRLF Injection Vulnerability in Open-Xchange AppSuite and Server

CVE-2013-2582 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

CRLF injection vulnerability in the redirect servlet in Open-Xchange AppSuite and Server before 6.22.0 rev15, 6.22.1 before rev17, 7.0.1 before rev6, and 7.0.2 before rev7 allows remote attackers to inject arbitrary HTTP headers and conduct open redirect attacks by leveraging improper sanitization of whitespace characters.

Learn more about our Cis Benchmark Audit For Server Software.