HTTP Header Injection (IAST)
Summary
Invicti identified a CRLF (new line) HTTP header injection.
This means the input goes into HTTP headers without proper input filtering.
Impact
Depending on the application, an attacker might carry out the following types of attacks:
- Cross-site scripting attack, which can lead to session hijacking
- Session fixation attack by setting a new cookie, which can also lead to session hijacking
Actions To Take
- See the Remediation section for the solution.
- Ensure the server security patches are up to date and that the current stable version of the software is in use.
Remediation
Do not allow newline characters in input. Where possible, use strict whitelisting.
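One way to apply this remediation, shown as an added example that is not Invicti's code or the scanned application's: a baseline check that rejects CR, LF and other control characters, with strict allowlists on top. The parameter names `lang` and `next`, the allowlist contents and the sample queries are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs

# Assumed application policy (hypothetical names): the only values that may
# reach a response header.
ALLOWED_LANGS = {"en", "de", "fr"}
SAFE_PATH = re.compile(r"/[A-Za-z0-9/_-]{0,200}")

# CR and LF end a header line; reject them and all other ASCII control chars.
CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")


class UnsafeHeaderValue(ValueError):
    """Raised when input must not be copied into a response header."""


def reject_control_chars(value):
    """Baseline check: fail closed instead of stripping and continuing."""
    if CONTROL_CHARS.search(value):
        raise UnsafeHeaderValue("control character in header value")
    return value


def build_headers(raw_query):
    """Build Set-Cookie and Location headers from a raw query string."""
    # parse_qs percent-decodes, so %0d%0a is already CR LF at this point;
    # validation has to run on the decoded value, not on the raw query.
    params = parse_qs(raw_query, keep_blank_values=True)
    lang = reject_control_chars(params.get("lang", ["en"])[0])
    next_path = reject_control_chars(params.get("next", ["/"])[0])

    # Strict allowlists on top of the baseline check.
    if lang not in ALLOWED_LANGS:
        raise UnsafeHeaderValue("unsupported language")
    if not SAFE_PATH.fullmatch(next_path) or next_path.startswith("//"):
        raise UnsafeHeaderValue("unsupported redirect path")

    return [("Set-Cookie", f"lang={lang}; Path=/; HttpOnly"),
            ("Location", next_path)]


# Constructed sample inputs, not taken from a real scan.
GOOD_QUERY = "lang=de&next=/account/settings"
BAD_QUERY = "lang=en%0d%0aX-Injected:%201&next=/"
```

Rejecting the request outright, rather than stripping the characters and continuing, keeps the behaviour predictable and leaves a clear event to log.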
Required Skills for Successful Exploitation
Crafting the attack to exploit this issue is not a complex process. However, most unsophisticated attackers will not know that such an attack is possible. Also, an attacker needs to reach their victim by e-mail or another similar method in order to entice them to visit the site or click on a URL.