Lucene search
K

25 matches found

OSV
OSV
added 2020/04/20 10:15 p.m.10 views

CVE-2020-11944

Abe aka bitcoin-abe through 0.7.2, and 0.8pre, allows XSS in call in abe.py because the PATHINFO environment variable is mishandled during a PageNotFound exception...

6.1CVSS6AI score
Exploits0References3
Prion
Prion
added 2020/04/20 10:15 p.m.16 views

Cross site scripting

Abe aka bitcoin-abe through 0.7.2, and 0.8pre, allows XSS in call in abe.py because the PATHINFO environment variable is mishandled during a PageNotFound exception...

4.3CVSS6AI score0.01215EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2020/04/20 9:49 p.m.16 views

CVE-2020-11944

Abe aka bitcoin-abe through 0.7.2, and 0.8pre, allows XSS in call in abe.py because the PATHINFO environment variable is mishandled during a PageNotFound exception...

6.1AI score0.01215EPSS
Exploits0References3
CVE
CVE
added 2020/04/20 9:49 p.m.35 views

CVE-2020-11944

CVE-2020-11944 affects Abe (bitcoin-abe) up to versions 0.7.2 and 0.8pre, where an XSS flaw exists in abe.py__call__ caused by mishandling PATH_INFO during a PageNotFound exception. The issue is triggered via client-supplied data and could enable script execution in the browser of an unsuspecting...

6.1CVSS5.9AI score0.01215EPSS
Exploits0References3Affected Software1
exploitpack
exploitpack
added 2011/06/15 12:0 a.m.106 views

IBM Websphere Application Server 7.0.0.13 - Cross-Site Request Forgery

IBM Websphere Application Server 7.0.0.13 - Cross-Site Request Forgery -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ IBM WebSphere Application Server Cross-Site Request Forgery 1. Advisory Information Title: IBM...

6.8CVSS6.6AI score0.02096EPSS
Exploits6
Rows per page
Query Builder