0005635: Certain request parameters causes HTTP request splitting

ID	Project	Category	View Status	Date Submitted	Last Update

0005635	OXID eShop (all versions)	4.04. Security	public	2014-02-03 16:54	2014-03-11 11:29

Reporter	tomas_liubinas	Assigned To
Priority	immediate	Severity	crash	Reproducibility	always
Status	resolved	Resolution	fixed
Product Version	4.7.11 / 5.0.11
Target Version	4.7.11 / 5.0.11	Fixed in Version	4.7.11 / 5.0.11

Summary	0005635: Certain request parameters causes HTTP request splitting
Description	Certain request parameters causes HTTP request splitting
Tags	No tags attached.

Theme	Both
Browser	All
PHP Version	any
Database Version	any

saulius.stasiukaitis 2014-02-06 16:47 reporter ~0009479	Fixed in b-5.0-HTTP_Response_Splitting_bug branch

saulius.stasiukaitis 2014-02-06 16:48 reporter ~0009480	Fix in oxConfig::checkParamSpecialChars which escape from special chars.