Unrated severityNVD Advisory· Published Apr 20, 2020· Updated Aug 4, 2024
CVE-2020-11944
CVE-2020-11944
Description
Abe (aka bitcoin-abe) through 0.7.2, and 0.8pre, allows XSS in __call__ in abe.py because the PATH_INFO environment variable is mishandled during a PageNotFound exception.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Abe/bitcoin-abedescription
- Range: <=0.7.2
Patches
Vulnerability mechanics
References
3- geeknik-labs.commitrex_refsource_MISC
- github.com/bitcoin-abe/bitcoin-abe/blob/d33f6e85de74e708e11cabe4ed0246e12025c726/Abe/abe.pymitrex_refsource_MISC
- github.com/bitcoin-abe/bitcoin-abe/issues/292mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.