Name of the Vulnerable Software and Affected Versions pypiserver versions 1.2.5 and below

Description The issue allows attackers to set arbitrary HTTP headers and possibly conduct XSS attacks via a %0d%0a in a URI. This is due to a CRLF Injection in the affected software.

Recommendations For versions 1.2.5 and below, at the moment, there is no information about a newer version that contains a fix for this vulnerability.