CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax

Description

The application does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers, such as Flash.

Latest vulnerabilities for CWE-644

Multiple vulnerabilities in IBM Sterling Order Management 2024-04-16
High Yes

Multiple vulnerabilities in IBM Cloud Pak for AIOps 2024-03-27
High Yes

Multiple vulnerabilities in IBM Cloud Pak for Network Automation 2024-03-05
High Yes

Multiple vulnerabilities in IBM Cloud Pak for Multicloud Management 2024-02-29
High Yes

Multiple vulnerabilities in IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 2024-02-15
High Yes

Multiple vulnerabilities in IBM Observability with Instana 2024-02-07
Medium Yes

Multiple vulnerabilities in IBM Watson Discovery 2024-02-01
Medium Yes

Splunk Enterprise update for third-party components 2024-01-22
Medium Yes

Multiple vulnerabilities in IBM Operational Decision Manager 2024-01-08
High Yes

Multiple vulnerabilities in IBM Cloud Pak for Business Automation 2023-12-19
High Yes

References

Description of CWE-644 on Mitre website