CVE-2012-5572

Name of the Vulnerable Software and Affected Versions Dancer versions prior to 1.3114

Description A CRLF injection vulnerability exists in the cookie method of Dancer, allowing remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cookie name.

Recommendations For versions prior to 1.3114, update to version 1.3114 or later to resolve the issue. As a temporary workaround, consider restricting the use of the cookie method in lib/Dancer/Cookie.pm to minimize the risk of exploitation.