Security Advisory

CVE-2020-11944

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-04-20 21:49:33

Last updated 2024-08-04 11:42:00

Assigner mitre

State PUBLISHED

Description

Abe (aka bitcoin-abe) through 0.7.2, and 0.8pre, allows XSS in __call__ in abe.py because the PATH_INFO environment variable is mishandled during a PageNotFound exception.

← Browse all CVEs View on cve.org ↗