HTTP Header Injection Vulnerability in URLConnection Class in Android OS 2.2 through 6.0

HTTP Header Injection Vulnerability in URLConnection Class in Android OS 2.2 through 6.0

CVE-2016-1155 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies.

Learn more about our Cis Benchmark Audit For Google Android.