QiAnXinCodeSafe opened this issue 5 years ago · 0 comments
Including unvalidated data in an HTTP response header can enable cache-poisoning, cross-site scripting, cross-user defacement, page hijacking, cookie manipulation or open redirect.