CVE-2018-1319

Name of the Vulnerable Software and Affected Versions Apache Allura versions prior to 1.8.1

Description The issue allows attackers to craft URLs that cause HTTP response splitting. If a victim visits a maliciously crafted URL, it may lead to unwanted results, including cross-site scripting (XSS) or service denial for the victim's browsing session.

Recommendations For versions prior to 1.8.1, update to version 1.8.1 or later to resolve the issue.