Test ID:	1.3.6.1.4.1.25623.1.0.803773
Category:	Web application abuses
Title:	WebCollab 'item' Parameter HTTP Response Splitting Vulnerability
Summary:	WebCollab is prone to HTTP response splitting vulnerability.
Description:	Summary: WebCollab is prone to HTTP response splitting vulnerability. Vulnerability Insight: Input passed via the 'item' GET parameter to help/help_language.php is not properly sanitised before being returned to the user. Vulnerability Impact: Successful exploitation will allow remote attackers to insert arbitrary HTTP headers, which will be included in a response sent to the user. Affected Software/OS: WebCollab versions 3.30 and prior. Solution: Upgrade to WebCollab 3.31 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2652 BugTraq ID: 63247 http://www.securityfocus.com/bid/63247 Bugtraq: 20131024 [ISecAuditors Security Advisories] HTTP Response Splitting Vulnerability in WebCollab <= v3.30 (Google Search) http://archives.neohapsis.com/archives/bugtraq/2013-10/0117.html http://packetstormsecurity.com/files/123771/WebCollab-3.30-HTTP-Response-Splitting.html http://sourceforge.net/p/webcollab/mailman/message/31536457/ http://osvdb.org/98768 http://secunia.com/advisories/55235 http://secunia.com/advisories/55295 XForce ISS Database: webcollab-cve20132652-response-splitting(88177) https://exchange.xforce.ibmcloud.com/vulnerabilities/88177
Copyright	Copyright (C) 2013 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.