CVE-2020-36309

Published
View on NVD ↗
CVSS v3
5.3
MEDIUM
CVSS v2
5
MEDIUM
Affected
1
PROJECT

Description

ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header.

openresty/lua-nginx-module
openresty/lua-nginx-module
Embed the Power of Lua into NGINX HTTP servers
GitHubGitHub
11.8K