Lucene search

MitreVULNRICHMENT:CVE-2020-36827

HistoryMar 24, 2024 - 12:00 a.m.

CVE-2020-36827

2024-03-2400:00:00

mitre

github.com

xao::web module

security vulnerability

json output

AI Score

6.9

Confidence

Low

EPSS

Percentile

9.0%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

The XAO::Web module before 1.84 for Perl mishandles < and > characters in JSON output during use of json-embed in Web::Action.

References

github.com/amaltsev/XAO-Web/commit/20dd1d3bc5b811503f5722a16037b60197fe7ef4

metacpan.org/dist/XAO-Web/changes