A log injection vulnerability arises when a log entry contains unsanitized user input. A malicious user can insert fake log data and consequently deceive system administrators as to the system's behavior [OWASP 2008]. For example, an attacker might split a legitimate log entry into two log entries by entering a carriage return and line feed (CRLF) sequence to mislead an auditor. Log injection attacks can be prevented by sanitizing and validating any untrusted input sent to a log.
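The CRLF split described above, and one way to neutralize it by escaping line-breaking characters before logging, shown as an added example that is not code from the original page. The helper names `sanitize_for_log` and `render_log`, the log message format, and the forged username are all constructed for illustration.

```python
import io
import logging
import re

# Control characters plus the Unicode line separators some log viewers treat as newlines.
_UNSAFE = re.compile(r"[\x00-\x1f\x7f\x85\u2028\u2029]")


def sanitize_for_log(value: str) -> str:
    """Return value with every line-breaking or control character made visible.

    Backslashes are doubled first, so text that merely looks like an escape
    cannot be confused with a character that was actually escaped here.
    """
    value = value.replace("\\", "\\\\")
    return _UNSAFE.sub(lambda m: "\\u%04x" % ord(m.group()), value)


def render_log(username: str, sanitize: bool) -> list[str]:
    """Log one failed-login event and return the lines an auditor would read."""
    buf = io.StringIO()
    handler = logging.StreamHandler(buf)
    handler.setFormatter(logging.Formatter("%(levelname)s: %(message)s"))
    logger = logging.Logger("auth-demo")  # standalone logger, not registered globally
    logger.addHandler(handler)
    shown = sanitize_for_log(username) if sanitize else username
    logger.warning("User login failed for: %s", shown)
    return buf.getvalue().splitlines()


# Constructed input: a username carrying a CRLF followed by a forged entry.
FORGED = "guest\r\nINFO: User login succeeded for: administrator"

if __name__ == "__main__":
    for label, flag in (("unsanitized", False), ("sanitized", True)):
        print(label)
        for line in render_log(FORGED, flag):
            print("  " + line)
```

Unsanitized, the single event is read back as two entries, the second one forged; sanitized, it stays one entry with the CR and LF shown as `\u000d\u000a`.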
...
...