Description
HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6.5.4 and 6.0.x before 6.0.5 allows attackers to poison the web cache via malicious applications.
Affected products
- ibm / lotus_notes6.0 – 6.0
- ibm / lotus_notes6.0.1 – 6.0.1
- ibm / lotus_notes6.0.2 – 6.0.2
- ibm / lotus_notes6.0.3 – 6.0.3
- ibm / lotus_notes6.0.4 – 6.0.4
- ibm / lotus_notes6.5 – 6.5
- ibm / lotus_notes6.5.1 – 6.5.1
- ibm / lotus_notes6.5.2 – 6.5.2
- ibm / lotus_notes6.5.3 – 6.5.3