CVE-2020-35774

Published December 29th, 2020

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

3.5

LOW

Affected

PROJECT

Description

server/handler/HistogramQueryHandler.scala in Twitter TwitterServer (aka twitter-server) before 20.12.0, in some configurations, allows XSS via the /histograms endpoint.

twitter/twitter-server

Twitter-Server defines a template from which services at Twitter are built

GitHub

1.6K