cbcvebase.
CVE-2013-6009
published 2013-10-03

CVE-2013-6009: CRLF injection vulnerability in Open-Xchange AppSuite before 7.2.2, when using AJP in certain conditions, allows remote attackers to inject arbitrary HTTP…

PriorityP421medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
0.96%
57.0th percentile
CRLF injection vulnerability in Open-Xchange AppSuite before 7.2.2, when using AJP in certain conditions, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the ajax/defer servlet.

Affected

7 ranges
VendorProductVersion rangeFixed in
open-xchangeopen-xchange_appsuite<= 7.2.1
open-xchangeopen-xchange_appsuite
open-xchangeopen-xchange_appsuite
open-xchangeopen-xchange_appsuite
open-xchangeopen-xchange_appsuite
open-xchangeopen-xchange_appsuite
open-xchangeopen-xchange_appsuite
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.