Phorum · Phorum · CVE-2005-0843
**Name of the Vulnerable Software and Affected Versions**
Phorum version 5.0.14a
**Description**
The issue concerns a CRLF injection vulnerability in the search.php file. This vulnerability allows remote attackers to perform HTTP Response Splitting attacks by manipulating the `body` parameter, which is then included in the resulting Location header.
**Recommendations**
For Phorum version 5.0.14a, consider restricting access to the search.php file or the `body` parameter to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the `body` parameter in the search.php file.