logo

CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')

CWE-93

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

Improper Neutralization of CRLF Sequences ('CRLF Injection')

Description

The product uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.

Common Consequences

Scope: Integrity

Impact: Modify Application Data

Related Weaknesses
  • Release Date:
  • 2006-07-19
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website