Tomas Liubinas

#44800of 53,633
5.8Total CVSS
Vulnerabilities · 1
PT-2018-4184
5.8
2018-01-18
Oxid · Oxid Eshop Enterprise Edition · CVE-2014-2017
**Name of the Vulnerable Software and Affected Versions** OXID eShop Professional Edition versions 4.7.10 and earlier, 4.8.x before 4.8.4 OXID eShop Enterprise Edition versions 5.0.10 and earlier, 5.1.x before 5.1.4 OXID eShop Community Edition versions 4.7.10 and earlier, 4.8.x before 4.8.4 **Description** The issue allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. **Recommendations** For OXID eShop Professional Edition versions 4.7.10 and earlier, update to version 4.7.11 or later. For OXID eShop Professional Edition 4.8.x before 4.8.4, update to version 4.8.4 or later. For OXID eShop Enterprise Edition versions 5.0.10 and earlier, update to version 5.0.11 or later. For OXID eShop Enterprise Edition 5.1.x before 5.1.4, update to version 5.1.4 or later. For OXID eShop Community Edition versions 4.7.10 and earlier, update to version 4.7.11 or later. For OXID eShop Community Edition 4.8.x before 4.8.4, update to version 4.8.4 or later.