CWE-113 - CERT CVE

CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')

The software receives data from an upstream component, but does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.

CAPEC ID	Naziv
CAPEC-31	Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-34	HTTP Response Splitting
CAPEC-85	AJAX Fingerprinting