Characters in the GET url path are not properly escaped and can be reflected in the server response.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://snyk.io/vuln/SNYK-JS-IOBROKERWEB-534971 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: snyk
Published: 2019-11-25T22:39:39
Updated: 2024-08-04T22:32:01.665Z
Reserved: 2019-04-03T00:00:00
Link: CVE-2019-10771
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-11-25T23:15:10.930
Modified: 2019-12-04T15:39:43.263
Link: CVE-2019-10771
Redhat
No data.