HTTP Response Splitting refers to an attacker’s ability to send a single HTTP request that forces the web server to form an output stream, which is then interpreted by the target as two HTTP responses instead of one response.
HTTP Response Splitting attack could allow an attacker to write data into the response body where the HTML code is sent, leading to a cross-site scripting (XSS) vulnerability.
See also: Cross-site scripting (XSS)