Improper Neutralization of CRLF Sequences (‘CRLF Injection’)
| Property | |
|---|---|
| Language | java |
| Severity | |
| CWE | CWE-93: Improper Neutralization of CRLF Sequences (‘CRLF Injection’) |
| OWASP | A03:2021 - Injection |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
Attacker-controlled data from an HTTP request (a parameter, header, path segment or body field) is written to the application log without being sanitized. Because most log formats delimit records by line, an input containing carriage return (`\r`, 0x0D) or line feed (`\n`, 0x0A) characters terminates the genuine entry early; whatever follows the CR/LF is emitted as though it were a separate, legitimate log record, so a single request can produce fabricated entries with an arbitrary level, timestamp and message text.
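The following is an added example, not code from the original page. It contrasts the vulnerable pattern (raw request data concatenated into a log line) with a neutralizing step that collapses each request to exactly one log line. The `username` value is a stand-in for anything read from the request (in a servlet it would come from `request.getParameter("username")`); the attacker payload is constructed for the demonstration.

```java
import java.util.logging.Logger;

/**
 * Added example: CRLF injection into application logs, vulnerable form
 * beside a hardened form. Assumption: "username" is attacker-controlled
 * request data (e.g. request.getParameter("username") in a servlet).
 */
public class LogInjectionDemo {
    private static final Logger LOG = Logger.getLogger(LogInjectionDemo.class.getName());

    // VULNERABLE: the raw request value is concatenated straight into the log message.
    // A value containing "\r\n" ends this entry and starts a forged one.
    static String vulnerableEntry(String username) {
        return "Login failed for user: " + username;
    }

    // HARDENED: replace CR, LF and other control characters with visible escapes,
    // so one request can only ever produce one physical log line and the
    // attacker's attempt remains visible to whoever reads the log.
    static String sanitizeForLog(String input) {
        if (input == null) {
            return "null";
        }
        StringBuilder sb = new StringBuilder(input.length());
        for (int i = 0; i < input.length(); i++) {
            char c = input.charAt(i);
            switch (c) {
                case '\r': sb.append("\\r"); break;
                case '\n': sb.append("\\n"); break;
                case '\t': sb.append("\\t"); break;
                default:
                    // Remaining C0 controls, DEL and the C1 range (e.g. U+0085 NEL,
                    // which some tools treat as a line break) are printed as \\uXXXX.
                    if (c < 0x20 || (c >= 0x7f && c <= 0x9f)) {
                        sb.append(String.format("\\u%04x", (int) c));
                    } else {
                        sb.append(c);
                    }
            }
        }
        return sb.toString();
    }

    static String hardenedEntry(String username) {
        return "Login failed for user: " + sanitizeForLog(username);
    }

    // Number of physical lines a log message will occupy; 1 is the safe value.
    static int lineCount(String entry) {
        return entry.split("\r\n|\r|\n", -1).length;
    }

    public static void main(String[] args) {
        // Constructed attacker input: terminates the real entry and appends a
        // fake "successful admin login" record on its own line.
        String payload = "bob\r\nINFO: Login succeeded for user: admin";

        String unsafe = vulnerableEntry(payload);
        String safe = hardenedEntry(payload);

        System.out.println("vulnerable entry spans " + lineCount(unsafe) + " lines:");
        System.out.println(unsafe);
        System.out.println("hardened entry spans " + lineCount(safe) + " line:");
        System.out.println(safe);

        // Only the neutralized form should ever reach the logger.
        LOG.warning(safe);
    }
}
```

Running `main` shows the vulnerable entry occupying two lines, the second of which reads exactly like a genuine success record, while the hardened entry stays on one line with a literal `\r\n` where the attacker tried to break it. Escaping rather than deleting the control characters is deliberate: the forged text stays in the record as evidence. Where the log framework supports it, the same neutralization can be applied centrally in the layout configuration (for example Log4j 2's `%enc{%m}{CRLF}` pattern converter) so that individual call sites cannot forget it.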
Impact#
An attacker can forge or alter log records, undermining the audit trail that operators and detection tooling rely on: fabricated entries can frame another user, hide the attacker's own activity among plausible-looking noise, or trigger false alerts that distract responders. Injected content can also affect whatever consumes the logs, for example a viewer that renders log text as HTML or a parser that keys on line structure, turning a log-forging issue into a downstream injection problem.