The vulnerability allows a remote attacker to inject arbitrary HTTP response headers or manipulate HTTP response bodies inside a victim’s session via a crafted URL or HTTP request.
Product A handles inputs or steps differently than Product B, which causes A to perform incorrect actions based on its perception of B’s state.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Nexo-os | Bosch | 1000 (including) | 1500-sp2 (including) |