Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:22243
HistoryJan 03, 2020 - 5:32 a.m.

Denial Of Service (DoS)

2020-01-0305:32:38
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
21

EPSS

0.001

Percentile

42.5%

ecstatic is vulnerable to a denial of service (DoS). When an attacker provides a URL parameter with symbols such as \x0c, it leads to a redirection from /existing-dir-name?\x0cfoo to /existing-dir-name/?\x0cfoo and causes TypeError: The header content contains invalid characters error, possibly crashing the server.

CPENameOperatorVersion
ecstaticle4.1.2
ecstaticle3.3.2

EPSS

0.001

Percentile

42.5%