CrowCpp Crow through v1.3.1 HTTP is vulnerable to response header injection via unvalidated response header values.
The response header injection vulnerability (CWE-113) consists of the fact that an application built on the Crow library accepts unvalidated data and places it directly in HTTP response headers. An attacker can provide data containing newline characters (e.g. CR/LF – \r\n), which cause injection of additional headers or even splitting of the HTTP response (HTTP response splitting). As a result, it is possible to forge the content of the server response or embed malicious headers.
An attacker can conduct attacks such as HTTP response splitting, cache poisoning, XSS or redirect users to malicious websites, leading to violations of confidentiality, integrity and availability of application resources.
The CrowCpp Crow library should be updated to a version containing the fix described in pull request #1167 in the project repository (https://github.com/CrowCpp/Crow/pull/1167). Patches available from the vendor should be applied according to the references.
CrowCpp Crow in versions up to v1.3.1 inclusive
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H