Опубликовано: 17 окт. 2025
Источник: github
Github: Не прошло ревью
CVSS4: 10
CVSS3: 6.1
Описание
Incorrect Content-Type header in one of the APIs (text/html instead of application/json) replies may potentially allow injection of HTML/JavaScript into reply.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
Incorrect Content-Type header in one of the APIs (text/html instead of application/json) replies may potentially allow injection of HTML/JavaScript into reply.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
Связанные уязвимости
CVSS3: 6.1
nvd
4 месяца назад
Incorrect Content-Type header in one of the APIs (`text/html` instead of `application/json`) replies may potentially allow injection of HTML/JavaScript into reply.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.