CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax

Description

The application does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers, such as Flash.

Latest vulnerabilities for CWE-644

Multiple vulnerabilities in Dell EMC VxRail Appliance 2024-06-17
Critical Yes

Multiple vulnerabilities in Dell Secured Component Verification (SCV) 2024-06-14
High Yes

Multiple vulnerabilities in Dell APEX Cloud Platform for Microsoft Azure and Dell APEX Cloud Platform Foundation Software 2024-06-13
High Yes

Multiple vulnerabilities in IBM Storage Protect Plus Container Agent 2024-05-24
High Yes

Multiple vulnerabilities in IBM Sterling Order Management 2024-04-16
High Yes

Multiple vulnerabilities in IBM Cloud Pak for AIOps 2024-03-27
High Yes

Multiple vulnerabilities in IBM Cloud Pak for Network Automation 2024-03-05
High Yes

Multiple vulnerabilities in IBM Cloud Pak for Multicloud Management 2024-02-29
High Yes

Multiple vulnerabilities in IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 2024-02-15
High Yes

Multiple vulnerabilities in IBM Observability with Instana 2024-02-07
Medium Yes

References

Description of CWE-644 on Mitre website