Description

An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.

Remediation

References

CVE-2020-8449

Related Vulnerabilities

XWiki Improper Privilege Management Vulnerability (CVE-2023-26475)

XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-29515)

WordPress Plugin Video Chat Multiple Cross-Site Scripting Vulnerabilities (1.4.1)

Dolphin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27969)

Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9758)

Severity

High

Classification

CVE-2020-8449 CWE-668 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities