CVE-2004-1656

Name of the Vulnerable Software and Affected Versions Comersus Shopping Cart version 5.0991

Description A CRLF injection issue allows remote attackers to perform HTTP Response Splitting attacks, modifying expected HTML content from the server via the redirecturl parameter.

Recommendations For Comersus Shopping Cart version 5.0991, avoid using the redirecturl parameter in affected API endpoints until the issue is resolved. Consider restricting access to this parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.