lib/checks/check_response_splitting.rb in brakeman-0.7.1 vs lib/checks/check_response_splitting.rb in brakeman-0.7.2

- old
+ new

@@ -8,10 +8,10 @@
 def run_check
 if version_between?('2.3.0', '2.3.13')
 warn :warning_type => "Response Splitting",
- :message => "Versions before 2.3.14 have a vulnerability content type handling allowing injection of headers. Upgrade or apply patches as needed.",
+ :message => "Versions before 2.3.14 have a vulnerability content type handling allowing injection of headers: CVE-2011-3186",
 :confidence => CONFIDENCE[:med]
 end
 end
 end
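Review bot: The new `:message` string drops the remediation sentence ("Upgrade or apply patches as needed."), so the warning now names CVE-2011-3186 but no longer tells the reader what to do about it. The wording also still reads "a vulnerability content type handling", which is missing "in". Both can be fixed in the one line: `:message => "Versions before 2.3.14 have a vulnerability in content type handling allowing injection of headers (CVE-2011-3186). Upgrade or apply patches as needed.",`. Because `run_check` warns on the `version_between?` result alone, the message text is the only guidance a report reader gets for this finding.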