Intrusion Prevention



This indicates an attack attempt to exploit a HTTP Header Injection vulnerability in Oracle WebCenter Sites.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling maliciously crafted HTTP requests. A remote attacker can exploit this to perform malicious redirection attacks or poison the HTTP cache with crafted response.

Affected Products

Oracle WebCenter Sites 7.6.2
Oracle WebCenter Sites
Oracle WebCenter Sites


Security Bypass: Remote attackers can bypass security checks of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.

CVE References