Описание
Abe (aka bitcoin-abe) through 0.7.2, and 0.8pre, allows XSS in call in abe.py because the PATH_INFO environment variable is mishandled during a PageNotFound exception.
Abe (aka bitcoin-abe) through 0.7.2, and 0.8pre, allows XSS in call in abe.py because the PATH_INFO environment variable is mishandled during a PageNotFound exception.
EPSS
Процентиль: 58%
0.00371
Низкий
CVE ID
Связанные уязвимости
CVSS3: 6.1
nvd
почти 6 лет назад
Abe (aka bitcoin-abe) through 0.7.2, and 0.8pre, allows XSS in __call__ in abe.py because the PATH_INFO environment variable is mishandled during a PageNotFound exception.
EPSS
Процентиль: 58%
0.00371
Низкий