CVE-2005-2065

Name of the Vulnerable Software and Affected Versions: ASP Nuke version 0.80

Description: The issue allows remote attackers to spoof web content and poison web caches. This is achieved by injecting CRLF ("%0d%0a") sequences in the LangCode parameter of the language select.asp page, specifically the /language select.asp endpoint.

Recommendations: For ASP Nuke version 0.80, avoid using the LangCode parameter in the language select.asp page until the issue is resolved. As a temporary workaround, consider restricting access to the language select.asp page to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.