SYM_JAVA_0078 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Improper Neutralization of CRLF Sequences ('CRLF Injection')
| Property | Value |
|---|---|
| Language | java |
| Severity | |
| CWE | CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') |
| OWASP | A03:2021 - Injection |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
User input from HTTP requests (a request parameter, header, or path segment, for example) is written to the application log without neutralization. An attacker who places carriage return (CR, 0x0D) and line feed (LF, 0x0A) characters in that input can terminate the current log entry and begin a new one, so the injected text appears as a separate, legitimate-looking log record. The same applies to other characters a log viewer treats as a line break (for example NEL, U+0085, or the Unicode line and paragraph separators U+2028 and U+2029).
Impact
An attacker could forge or alter log records, making it harder to audit activity or detect malicious behaviour: a fabricated entry can mask a real attack, attribute actions to another user, or mislead operators during an investigation. Where logs are consumed by other tools (terminals, web-based log viewers, SIEM parsers), injected content such as terminal escape sequences, HTML, or field delimiters may also be interpreted by those tools rather than treated as plain text.
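The following is an added example and is not code from the SymbioticSec database or from any affected project. It shows a login-audit line built from a hypothetical `username` request parameter, first written to the log untouched (the pattern this entry describes) and then passed through a neutralization step that replaces CR, LF and other control or line-separator characters with visible escapes. The attacker input is constructed for the demonstration; `java.util.logging` is used only so the example runs with no dependencies.

```java
import java.util.logging.Logger;

/**
 * Added example (not code from the SymbioticSec database): a CRLF log-forging
 * payload delivered through a request parameter, and a neutralization step.
 */
public class CrlfLogNeutralization {

    static {
        // One record per line, so an injected line break shows up as a separate "entry".
        // Must be set before any SimpleFormatter is created, hence the static block.
        System.setProperty("java.util.logging.SimpleFormatter.format", "%4$s: %5$s%n");
    }

    private static final Logger LOG = Logger.getLogger(CrlfLogNeutralization.class.getName());

    /** Vulnerable: the request parameter reaches the log record unchanged. */
    static String vulnerableLoginRecord(String usernameParam, boolean success) {
        return "login " + (success ? "ok" : "FAILED") + " user=" + usernameParam;
    }

    /**
     * Replace CR, LF, tab, other ASCII control characters and the Unicode
     * line/paragraph separators with visible escapes so the input can never
     * end the current log line or start a new one.
     */
    static String neutralize(String input) {
        if (input == null) {
            return "null";
        }
        StringBuilder sb = new StringBuilder(input.length());
        for (int i = 0; i < input.length(); i++) {
            char c = input.charAt(i);
            switch (c) {
                case '\r': sb.append("\\r"); break;
                case '\n': sb.append("\\n"); break;
                case '\t': sb.append("\\t"); break;
                case '\u0085':   // NEL
                case '\u2028':   // LINE SEPARATOR
                case '\u2029':   // PARAGRAPH SEPARATOR
                    sb.append(String.format("\\u%04x", (int) c));
                    break;
                default:
                    if (c < 0x20 || c == 0x7f) {
                        sb.append(String.format("\\x%02x", (int) c));
                    } else {
                        sb.append(c);
                    }
            }
        }
        return sb.toString();
    }

    /** Hardened: the parameter is neutralized before it is placed in the record. */
    static String hardenedLoginRecord(String usernameParam, boolean success) {
        return "login " + (success ? "ok" : "FAILED") + " user=" + neutralize(usernameParam);
    }

    public static void main(String[] args) {
        // Constructed attacker input, as it would arrive after URL decoding of
        // ?username=bob%0D%0AINFO:%20login%20ok%20user=admin
        String attackerParam = "bob\r\nINFO: login ok user=admin";

        // Written as two lines: the real failed attempt for "bob", followed by a
        // forged successful login for "admin" that looks like a genuine record.
        LOG.info(vulnerableLoginRecord(attackerParam, false));

        // Written as a single line; the payload stays inside the user= field:
        // INFO: login FAILED user=bob\r\nINFO: login ok user=admin
        LOG.info(hardenedLoginRecord(attackerParam, false));
    }
}
```

Escaping rather than silently deleting the characters keeps evidence of the attempt in the log. Applying the neutralization in the logging layout rather than at every call site is more robust; Log4j 2's PatternLayout, for instance, offers `%enc{%m}{CRLF}` for this purpose, but a pattern-level fix only protects output that goes through that layout, so inputs logged through other sinks still need the per-value treatment shown above.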