Vulnerabilities
Projects
About Us
Contact Us
WhiteSource Vulnerability Database
We found results for “”
CVE-2020-35774
Good to know:
Date: December 29, 2020
server/handler/HistogramQueryHandler.scala in Twitter TwitterServer (aka twitter-server) before 20.12.0, in some configurations, allows XSS via the /histograms endpoint.
Language: SCALA
Severity Score
Insights from the community
5 tweets
7 retweets about this vulnerability
Cyber Security Feed
RT @NcsVentures: #cybersecurity | #comptia | #info | CVE-2020-35774: twitter-server XSS Vulnerability Discovered https://t.co/ZyhlexxqYt
5
0Securityblog
CVE-2020-35774: twitter-server XSS Vulnerability Discovered - Security Boulevard https://t.co/AEe0hTddUX
01Checkmarx
ICYMI, the Checkmarx Security Research Team uncovered a vulnerability in Twitter's #opensource project "twitter-ser… https://t.co/ZWeTKL1DRC
10RNSTech
The Checkmarx Security Research Team discovered a reflected XSS vulnerability in the twitter-server #opensource pro… https://t.co/lDmLuSJZrK
10Related Resources (4)
Severity Score
Weakness Type (CWE)
Cross-Site Scripting (XSS)
CWE-79Top Fix
CVSS v3.1
| Base Score: |
|
|---|---|
| Attack Vector (AV): | NETWORK |
| Attack Complexity (AC): | LOW |
| Privilegs Required (PR): | NONE |
| User Interaction (UI): | REQUIRED |
| Scope (S): | CHANGED |
| Confidentiality (C): | LOW |
| Integrity (I): | LOW |
| Availability (A): | NONE |
CVSS v2
| Base Score: |
|
|---|---|
| Access Vector (AV): | NETWORK |
| Access Complexity (AC): | MEDIUM |
| Authentication (AU): | NONE |
| Confidentiality (C): | NONE |
| Integrity (I): | PARTIAL |
| Availability (A): | NONE |
| Additional information: |