RSS   Vulnerabilities for 'Bitcoin-abe'   RSS

2020-04-20
 
CVE-2020-11944

CWE-79
 

 
Abe (aka bitcoin-abe) through 0.7.2, and 0.8pre, allows XSS in __call__ in abe.py because the PATH_INFO environment variable is mishandled during a PageNotFound exception.

 


Copyright 2024, cxsecurity.com

 

Back to Top