It was discovered that bottle, a WSGI-framework for the Python
programming language, did not properly filter “rn” sequences when
handling redirections. This allowed an attacker to perform CRLF
attacks such as HTTP header injection.
It was discovered that bottle, a WSGI-framework for the Python
programming language, did not properly filter “rn” sequences when
handling redirections. This allowed an attacker to perform CRLF
attacks such as HTTP header injection.