← Back

Xmlhttprequest

xmlhttprequest

Vendor: Xmlhttprequest Project • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-28502
1Xmlhttprequest Project
1Xmlhttprequest
Nov 21, 2024
Mar 5, 2021
N/A· v4
8.1 HIGH· v3
6.8 MEDIUM· v2
This affects the package xmlhttprequest before 1.7.0; all versions of package xmlhttprequest-ssl. Provided requests are sent synchronously (async=False on xhr.open), malicious user input flowing into xhr.send could resul...Show more
This affects the package xmlhttprequest before 1.7.0; all versions of package xmlhttprequest-ssl. Provided requests are sent synchronously (async=False on xhr.open), malicious user input flowing into xhr.send could result in arbitrary code being injected and run.Show less