← back
CVE-2016-1155

CVE-2016-1155

EPSS 1.8%
HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://android.googlesource.com/platform/external/okhttp/+/71b9f47b26fb57ac3e436a19519c6e3ec70e86ebhttps://jvn.jp/vu/JVNVU99757346/index.htmlhttp://www.securityfocus.com/bid/97662