Loading
Apache Unomi prior to version 1.5.5 allows CRLF log injection because of the lack of escaping in the log statements.
Use CWE-93, Apache vendor hub and Unomi product page to widen CVE-2021-31164 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2020-13942 and CVE-2020-11975 for nearby disclosures in the same product family.