CVE-2020-35774

Publication date

2020-12-29 17:54:04

Family

mitre

State

PUBLISHED

Description

server/handler/HistogramQueryHandler.scala in Twitter TwitterServer (aka twitter-server) before 20.12.0, in some configurations, allows XSS via the /histograms endpoint.