2 matches found
CVE-2020-28476
A flaw was found in python-tornado. All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request between the...
CVE-2020-28476
CVE-2020-28476 is rejected/not used and does not represent an active vulnerability entry; reference CVE-2021-23336.