Possible CLRF injection detected

Overview

Rule ID: java_lang_crlf_injection
Applicable Languages: Java
Weakness ID: CWE-93

Description

CRLF (Carriage Return Line Feed) injection vulnerability occurs when an attacker can insert line termination characters into a log message. This can result in forged log entries, compromising the integrity of log files.

Remediation Guidelines

Before logging user input data, it is essential to strip any carriage return and line feed characters. This practice prevents attackers from injecting malicious CRLF sequences into the log entries.
```
logger.info(userInput.replaceAll("[\r\n]+", ""));
```

References

Configuration

PreviousPermissive Screenshot option set NextPossible expression language (EL) injection detected

Last updated 8 months ago