Lucene search
GoogleOSV:CVE-2020-28502HistoryMar 05, 2021 - 6:15 p.m.
CVE-2020-28502
2021-03-0518:15:12
Google
osv.dev
2
This affects the package xmlhttprequest before 1.7.0; all versions of package xmlhttprequest-ssl. Provided requests are sent synchronously (async=False on xhr.open), malicious user input flowing into xhr.send could result in arbitrary code being injected and run.
Related
github
github
xmlhttprequest and xmlhttprequest-ssl vulnerable to Arbitrary Code Injection
2021-05-04 18:02:34
debiancve
debiancve
CVE-2020-28502
2021-03-05 18:15:12
githubexploit
githubexploit
Exploit for Code Injection in Xmlhttprequest Project Xmlhttprequest
2021-05-12 12:11:03
veracode
veracode
Arbitrary Code Execution
2021-03-08 05:03:56
cvelist
cvelist
CVE-2020-28502 Arbitrary Code Injection
2021-03-05 00:00:00
nodejs
nodejs
Arbitrary Code Injection
2021-05-04 18:18:00
osv
osv
xmlhttprequest and xmlhttprequest-ssl vulnerable to Arbitrary Code Injection
2021-05-04 18:02:34
cve
cve
CVE-2020-28502
2021-03-05 18:15:12
nvd
nvd
CVE-2020-28502
2021-03-05 18:15:12
ubuntucve
ubuntucve
CVE-2020-28502
2021-03-05 00:00:00
ibm
ibm
prion
prion
Design/Logic Flaw
2021-03-05 18:15:00
redhatcve
redhatcve
CVE-2020-28502
2021-03-05 20:58:13