CVE-2020-13697 – An issue was discovered in RouterNanoHTTPD.java in NanoHTTPD through 2.3.1. The GeneralHan …

23 February 2021

Vuln ID: CVE-2020-13697

Published: 2021-02-23 08:15:11Z

Description: An issue was discovered in RouterNanoHTTPD.java in NanoHTTPD through 2.3.1. The GeneralHandler class implements a basic GET handler that prints debug information as an HTML page. Any web server that extends this class without implementing its own GET handler is vulnerable to reflected XSS, because the GeneralHandler GET handler prints user input passed through the query string without any sanitization.

Source: NVD.NIST.GOV

Date:

23 February 2021

Categorie(s):

NVD

Tag(s):

NVD

The #1 Reason Why Organizations Skip Security26 April 2024
Still On CentOS 6? ELevate Can Now Lift and Shift You to a Modern RHEL Clone26 April 2024
Zero Trust strategies for navigating IoT/OT security challenges26 April 2024
Second time lucky for Thoma Bravo, which scoops up Darktrace for $5.3B26 April 2024
AI sparks increasing cyber concerns for execs amid growing adoption26 April 2024