CVE-2005-0843

medium

Description

CRLF injection vulnerability in search.php in Phorum 5.0.14a allows remote attackers to perform HTTP Response Splitting attacks via the body parameter, which is included in the resulting Location header.

References

http://secunia.com/advisories/14680

http://marc.info/?l=bugtraq&m=111151651621097&w=2

Details

Source: Mitre, NVD

Published: 2005-05-02

Updated: 2024-11-20

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Severity: Medium