Comersus · Comersus Shopping Cart · CVE-2004-1656
**Name of the Vulnerable Software and Affected Versions**
Comersus Shopping Cart version 5.0991
**Description**
A CRLF injection issue in the `redirecturl` parameter allows remote attackers to perform HTTP response splitting attacks and modify the HTML content the server is expected to return.
**Recommendations**
For Comersus Shopping Cart version 5.0991, avoid using the `redirecturl` parameter in affected API endpoints until the issue is resolved. Consider restricting access to this parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
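While no fix is available, access logs can be reviewed for CR or LF characters reaching `redirecturl`. The following is an added example, not part of the original advisory or of Comersus code. The path `/store/page.asp`, the log format, the decoding depth and the sample lines are constructed assumptions, since the advisory does not name the affected endpoints.

```python
import re
from urllib.parse import unquote

PARAM = "redirecturl"   # parameter named in the advisory
MAX_DECODE_ROUNDS = 3   # assumption: enough to catch double/triple percent-encoding
# Request line inside a common/combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines; the path and addresses are placeholders.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /store/page.asp?redirecturl=checkout.asp HTTP/1.1" 302 0',
    '198.51.100.7 - - [01/Jan/2024:10:00:05 +0000] "GET /store/page.asp?redirecturl=x%0d%0aX-Constructed:%201 HTTP/1.1" 302 0',
    '198.51.100.7 - - [01/Jan/2024:10:00:09 +0000] "GET /store/page.asp?RedirectUrl=x%250D%250AX-Constructed:%201 HTTP/1.1" 302 0',
    '192.0.2.11 - - [01/Jan/2024:10:00:12 +0000] "GET /store/page.asp?item=%0d%0a&redirecturl=home.asp HTTP/1.1" 200 512',
]


def param_values(target, name=PARAM):
    """Yield the raw (still percent-encoded) values of `name` in a request target."""
    query = target.partition("?")[2]
    for pair in re.split(r"[&;]", query):
        key, _, value = pair.partition("=")
        if unquote(key).lower() == name:  # parameter names are matched case-insensitively
            yield value


def has_crlf(value):
    """Return True if CR or LF appears in the value at any decoding depth."""
    for _ in range(MAX_DECODE_ROUNDS + 1):
        if "\r" in value or "\n" in value:
            return True
        decoded = unquote(value)
        if decoded == value:  # nothing left to decode
            break
        value = decoded
    return False


def flag_requests(log_lines):
    """Return the log lines whose redirecturl value carries CR or LF."""
    hits = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if match and any(has_crlf(v) for v in param_values(match.group(1))):
            hits.append(line)
    return hits


if __name__ == "__main__":
    for hit in flag_requests(SAMPLE_LOG):
        print("CRLF in redirecturl:", hit)
```

The same `has_crlf` check can be applied at a reverse proxy or request filter to reject such requests before they reach the application.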