Details

Alert ID: 40003
Alert Type: Active
Status: release
Risk: Medium
CWE: 113
WASC: 25
Technologies Targeted: All
Tags: CWE-113, OWASP_2017_A01, OWASP_2021_A03, POLICY_API, POLICY_DEV_FULL, POLICY_QA_FULL, POLICY_SEQUENCE, WSTG-V42-INPV-15

Summary

A cookie can be set via CRLF injection: a request parameter is copied into an HTTP response header without removing carriage return (CR) and line feed (LF) characters, so the injected line break terminates the current header and the rest of the value is treated as a new header. It may also be possible to set arbitrary HTTP response headers this way. In addition, by carefully crafting the injected response to carry cross-site scripting content, a cache poisoning vulnerability may also exist.

Solution

Type check the submitted parameter carefully before it reaches a response header. Do not allow CRLF to be injected: filter or reject values containing carriage return or line feed characters.
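As an added example that is not part of the ZAP alert page or the scan rule's own code, the snippet below shows the defect the Summary describes and the check the Solution asks for: an unchecked cookie value that contains a line break is serialised as two header lines, while a validator that rejects CR, LF and NUL keeps the header block intact. The function names, the hand-rolled response serialiser and the sample value are assumptions constructed for illustration.

```python
"""Added example (not from the ZAP page): guarding a Set-Cookie header against
CRLF injection (CWE-113). Function names and the sample value are constructed."""

import re

# Characters that can terminate a header line or the whole header block.
# Bare CR and bare LF are rejected as well as the CRLF pair, since some
# servers and clients accept either one as a line terminator.
_HEADER_CTRL = re.compile(r"[\r\n\x00]")


class HeaderInjectionError(ValueError):
    """Raised when a value would break HTTP header framing."""


def validate_header_value(value: str) -> str:
    """Return value unchanged if it is safe to place in a header, else raise."""
    if _HEADER_CTRL.search(value):
        raise HeaderInjectionError("CR, LF or NUL not allowed in a header value")
    return value


def set_cookie_unsafe(headers, name, value):
    """The pattern the scan rule flags: the parameter is copied as-is."""
    headers.append(("Set-Cookie", f"{name}={value}"))


def set_cookie_safe(headers, name, value):
    """Hardened form: the value is validated before it becomes a header."""
    headers.append(("Set-Cookie", f"{name}={validate_header_value(value)}"))


def render_response(status: str, headers) -> bytes:
    """Serialise headers the way a server would, so an embedded line break
    shows up as an extra header line in the raw response."""
    lines = [f"HTTP/1.1 {status}"] + [f"{k}: {v}" for k, v in headers]
    return ("\r\n".join(lines) + "\r\n\r\n").encode()


def header_line_count(raw: bytes) -> int:
    """Number of header lines a client would parse (status line excluded)."""
    head = raw.split(b"\r\n\r\n", 1)[0]
    return len(head.split(b"\r\n")) - 1


# Constructed sample parameter value carrying an embedded line break.
TAINTED = "abc\r\nX-Injected: 1"
CLEAN = "abc"


def demo():
    """Returns (lines from unsafe path, lines from safe path with a clean
    value, whether the safe path rejected the tainted value)."""
    unsafe_headers = []
    set_cookie_unsafe(unsafe_headers, "lang", TAINTED)
    unsafe_lines = header_line_count(render_response("200 OK", unsafe_headers))

    safe_headers = []
    set_cookie_safe(safe_headers, "lang", CLEAN)
    safe_lines = header_line_count(render_response("200 OK", safe_headers))

    try:
        set_cookie_safe([], "lang", TAINTED)
        rejected = False
    except HeaderInjectionError:
        rejected = True
    return unsafe_lines, safe_lines, rejected


if __name__ == "__main__":
    print(demo())
```

The unsafe path turns one Set-Cookie header into two header lines, which is exactly the extra header the scan rule looks for in the response; the safe path refuses the value outright rather than trying to "clean" it, so no partial header ever reaches the client. Real frameworks usually perform this check inside their header-setting API, but values that are concatenated into headers by hand, or passed through a layer that bypasses the framework, still need it.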

Other Info

References

Code

org/zaproxy/zap/extension/ascanrules/CrlfInjectionScanRule.java