HTTP_Response_Splitting issue exists @ vulnerabilities/sqli_blind/cookie-input.php in branch master
Method <?php at line 1 of vulnerabilities\sqli_blind\cookie-input.php gets user input from the _POST element. This element’s value then flows through the code without being properly sanitized or validated, and is eventually used in an HTTP response header in <?php at line 1 of vulnerabilities\sqli_blind\cookie-input.php. This may enable an HTTP Response Splitting attack, in certain older versions that do not mitigate this attack.
HTTP_Response_Splitting issue exists @ vulnerabilities/sqli_blind/cookie-input.php in branch master
Method <?php at line 1 of vulnerabilities\sqli_blind\cookie-input.php gets user input from the _POST element. This element’s value then flows through the code without being properly sanitized or validated, and is eventually used in an HTTP response header in <?php at line 1 of vulnerabilities\sqli_blind\cookie-input.php. This may enable an HTTP Response Splitting attack, in certain older versions that do not mitigate this attack.
Severity: Medium
CWE:113
Checkmarx
Lines: 12
Code (Line #12):