www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-02-03T08:00:00Z
Updated: 2024-09-16T23:21:39.795Z
Reserved: 2019-02-03T00:00:00Z
Link: CVE-2019-7313
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-02-03T08:29:00.480
Modified: 2024-11-21T04:47:59.410
Link: CVE-2019-7313
Redhat
No data.