Description
While processing an incoming HTTP request, the web server uses the Host header to decide which component or virtual host should handle the request. All HTTP headers, including Host, are user-controlled data, so an application that uses the value of any header without proper validation is vulnerable to header injection. Host header injection lets an attacker influence the response, which can lead to arbitrary redirection, cache poisoning, and information disclosure.
Recommendation
To mitigate the risk of host header injection, avoid relying solely on header values for critical operations. If a header value must be used, accept only values from an explicit whitelist of expected hosts.
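The following is an added example, not SmartScanner's code, showing the pattern described above: a handler that trusts the Host header when building an absolute URL, next to one that first normalizes the value and checks it against a whitelist. The host names, the reset-link path and the function names are constructed for illustration.

```python
"""Added example: validating the Host header against a whitelist
before it is used to build an absolute URL (e.g. a password-reset link)."""
from typing import Optional

# Constructed configuration: the hosts this deployment legitimately serves.
ALLOWED_HOSTS = {"www.example.com", "example.com"}


def normalize_host(raw: Optional[str]) -> Optional[str]:
    """Lower-case the Host value and strip an explicit port, so that
    'WWW.Example.COM:443' compares equal to 'www.example.com'.
    Returns None for anything that is not a plain host[:port] token."""
    if not raw:
        return None
    raw = raw.strip().lower()
    # A scheme, path, userinfo or whitespace has no business in a Host value.
    if any(c in raw for c in "/\\@ \t#?"):
        return None
    if raw.startswith("["):  # bracketed IPv6 literal, e.g. [::1]:8080
        end = raw.find("]")
        return raw[: end + 1] if end != -1 else None
    host, _, port = raw.partition(":")
    if port and not port.isdigit():
        return None
    return host or None


def resolve_host(headers: dict, allowed=ALLOWED_HOSTS) -> Optional[str]:
    """Return the normalized Host only if it is whitelisted, else None."""
    host = normalize_host(headers.get("Host"))
    return host if host in allowed else None


def vulnerable_reset_link(headers: dict, token: str) -> str:
    """Vulnerable: the authority part of the URL is copied straight from
    the request, so an injected Host ends up in the e-mailed link."""
    return f"https://{headers.get('Host')}/reset?token={token}"


def safe_reset_link(headers: dict, token: str) -> Optional[str]:
    """Hardened: only a whitelisted host is used. Returns None for an
    untrusted Host; a real handler would answer 400 at this point."""
    host = resolve_host(headers)
    if host is None:
        return None
    return f"https://{host}/reset?token={token}"


if __name__ == "__main__":
    # Constructed request headers, one benign and one carrying an injected Host.
    benign = {"Host": "WWW.Example.COM:443"}
    injected = {"Host": "attacker.example"}
    print(vulnerable_reset_link(injected, "t0k3n"))  # attacker-controlled link
    print(safe_reset_link(benign, "t0k3n"))          # canonical link
    print(safe_reset_link(injected, "t0k3n"))        # None: rejected
```

The whitelist comparison happens after normalization so that case and port variants of a legitimate host are accepted, while values carrying a path, userinfo or a non-numeric port are rejected outright rather than partially matched.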