CRLF injection vulnerability in OXID eShop Professional Edition before 4.7.11 and 4.8.x before 4.8.4, Enterprise Edition before 5.0.11 and 5.1.x before 5.1.4, and Community Edition before 4.7.11 and 4.8.x before 4.8.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-06T09:58:16.280Z
Reserved: 2014-02-17T00:00:00
Link: CVE-2014-2017

No data.

Status : Modified
Published: 2018-01-18T14:29:00.227
Modified: 2024-11-21T02:05:27.907
Link: CVE-2014-2017

No data.