CWE-113: CWE-113

This vulnerability in GFI Kerio Control allows attackers to perform open redirect, HTTP response splitting, and reflected cross-site scripting (XSS) a...

CVE-2025-40927 is an HTTP response splitting vulnerability in CGI::Simple for Perl that allows attackers to inject malicious content into HTTP respons...

CVE-2023-26137 is an HTTP response splitting vulnerability in the Drogon C++ web framework. Attackers can inject malicious content into HTTP responses...

This CVE describes an HTTP response splitting vulnerability in Splunk's 'rest' SPL command that allows low-privileged users to potentially access arbi...

An HTTP response splitting vulnerability in Cisco Secure Email Gateway's web management API allows unauthenticated attackers to conduct cross-site scr...

CVE-2026-22779 is a CRLF injection vulnerability in BlackSheep's HTTP Client implementation that allows attackers to modify HTTP requests by injecting...

CVE-2025-0825 is a CRLF injection vulnerability in cpp-httplib where null-byte-prefixed CRLF sequences aren't properly filtered, allowing attackers to...

This vulnerability in Octopus Server allows authenticated users with sufficient privileges to set custom headers that can cause server responses to re...

Pitchfork versions before 0.11.0 are vulnerable to HTTP Response Header Injection when used with Rack 3. This allows attackers to inject malicious hea...

This CRLF injection vulnerability in SAP NetWeaver Application Server Java allows authenticated administrators to inject malicious entries into config...

This vulnerability in SAP NetWeaver and ABAP Platform allows authenticated attackers to exploit memory management errors by sending specially crafted ...