CVE-2018-1658

Name of the Vulnerable Software and Affected Versions IBM Jazz Foundation versions 5.0 through 6.0.6

Description The issue is caused by improper validation of input, allowing a remote attacker to inject arbitrary HTTP headers by persuading a victim to visit a specially-crafted Web page. This could enable the attacker to conduct various attacks, including cross-site scripting, cache poisoning, or session hijacking.

Recommendations For versions 5.0 through 6.0.6, update to a version that includes the fix for this issue to prevent HTTP header injection attacks.