twitter-server Cross-Site Scripting

twitter-server before 20.12.0 is vulnerable to cross-site scripting in some configurations. The vulnerability exists in the administration panel of twitter-server in the histograms component via server/handler/HistogramQueryHandler.scala. id: CVE-2020-35774 info: name: twitter-server Cross-Site...

com.github.3tty0n:gatling-thrift_2.12 (>=0.2.0 <=0.4.4), com.github.ikhoon:finatra-swagger_2.12 (=2.13.0) +54 more potentially affected by CVE-2020-35774 via com.twitter:twitter-server_2.12 (>=1.28.0 <=20.10.0)

com.twitter:twitter-server2.12 MAVEN version =1.28.0, =0.2.0, =2.9.0, =0.5.0, =0.5.0, =0.5.0, =0.17.0, =0.17.0, =0.17.0, =2.9.0, =20.10.0 - com.twitter:finatra-kafka-streams-prerestore2.12 =20.10.0 - com.twitter:finatra-kafka-streams-queryable-thrift-client2.12 =20.10.0 -...

CVE-2020-35774

Twitter TwitterServer (twitter-server) prior to version 20.12.0 is vulnerable to cross-site scripting via the /histograms endpoint, in configurations using HistogramQueryHandler.scala. The issue arises in the histograms component of the administration panel and could allow an attacker to inject m...

Twitter TwitterServer 跨站脚本漏洞

Twitter TwitterServer is a Scala-based software for building Twitter servers. The software can be used to build a Twitter server through the template, in addition to the server can be managed, monitoring. A cross-site scripting vulnerability exists in Twitter TwitterServer versions prior to 20.12...