[TAP5-1004] X-Tapestry-ErrorMessage may lead to HTTP Response Splitting - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 5.1.0.5
Fix Version/s: 5.2.1
Component/s: tapestry-core
Labels:
None

Description

The DefaultRequestExceptionHandler sets the X-Tapestry-ErrorMessage header but fails to sanitize or encode the error message. This enables an attacker to inject malicious HTTP headers or to provide a 2nd HTTP response.

Attachments

Activity

People

Assignee:: Howard Lewis Ship

Reporter:: Paul Rehrl

Votes:: 2 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 05/Feb/10 13:13

Updated:: 24/Sep/10 23:42

Resolved:: 24/Sep/10 23:01