lang:

JSP

regex:

\.addHeader\s?\(\s?(\'|\").*(\'|\")\s?,

description:

Possible header injection, if user controlled data is passed in the second parameter then ensure it is effectively validated or sanitized. 
tags:
header injection
results