HTTP header injection (Q1592277)
Jump to navigation
Jump to search
web application vulnerability that occurs when HTTP headers are dynamically generated from user input; can allow for HTTP response splitting, session fixation (via Set-Cookie), cross-site scripting, and malicious redirect attacks
- HTTP injection
| Language | Label | Description | Also known as |
|---|---|---|---|
| English | HTTP header injection |
web application vulnerability that occurs when HTTP headers are dynamically generated from user input; can allow for HTTP response splitting, session fixation (via Set-Cookie), cross-site scripting, and malicious redirect attacks |
|
Statements
Identifiers
Sitelinks
Wikipedia(5 entries)
- dewiki Header-Injection
- enwiki HTTP header injection
- eswiki Inyección de encabezado HTTP
- hewiki הזרקת HTTP Header
- jawiki HTTPヘッダ・インジェクション