CVE-2018-11347

Name of the Vulnerable Software and Affected Versions YunoHost versions 2.7.2 through 2.7.14

Description The issue allows an attacker to inject one or several HTTP Header into the response from the server. This requires an interaction with the user to send them a malicious link. It could be used to perform other attacks such as user redirection to a malicious website, HTTP response splitting, or HTTP cache poisoning.

Recommendations For YunoHost versions 2.7.2 through 2.7.14, at the moment, there is no information about a newer version that contains a fix for this vulnerability.