Moderate severityNVD Advisory· Published Dec 29, 2020· Updated Aug 4, 2024
CVE-2020-35774
CVE-2020-35774
Description
server/handler/HistogramQueryHandler.scala in Twitter TwitterServer (aka twitter-server) before 20.12.0, in some configurations, allows XSS via the /histograms endpoint.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.twitter:twitter-server_2.12Maven | < 20.12.0 | 20.12.0 |
Affected products
2- Twitter/TwitterServerdescription
Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- github.com/advisories/GHSA-3mqv-8gxg-pfm4ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-35774ghsaADVISORY
- advisory.checkmarx.net/advisory/CX-2020-4287ghsax_refsource_MISCWEB
- github.com/twitter/twitter-server/commit/e0aeb87e89a6e6c711214ee2de0dd9f6e5f9cb6cghsax_refsource_MISCWEB
- github.com/twitter/twitter-server/compare/twitter-server-20.10.0...twitter-server-20.12.0ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.