CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-11944

Abe (aka bitcoin-abe) through 0.7.2, and 0.8pre, allows XSS in __call__ in abe.py because the PATH_INFO environment variable is mishandled during a PageNotFound exception.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.1%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2020-11944

Bitcoin-Abe Project » Bitcoin-Abe » Version: 0.4

cpe:2.3:a:bitcoin-abe_project:bitcoin-abe:0.4
Bitcoin-Abe Project » Bitcoin-Abe » Version: 0.4.1

cpe:2.3:a:bitcoin-abe_project:bitcoin-abe:0.4.1
Bitcoin-Abe Project » Bitcoin-Abe » Version: 0.5

cpe:2.3:a:bitcoin-abe_project:bitcoin-abe:0.5
Bitcoin-Abe Project » Bitcoin-Abe » Version: 0.6

cpe:2.3:a:bitcoin-abe_project:bitcoin-abe:0.6
Bitcoin-Abe Project » Bitcoin-Abe » Version: 0.7

cpe:2.3:a:bitcoin-abe_project:bitcoin-abe:0.7
Bitcoin-Abe Project » Bitcoin-Abe » Version: 0.7.1

cpe:2.3:a:bitcoin-abe_project:bitcoin-abe:0.7.1
Bitcoin-Abe Project » Bitcoin-Abe » Version: 0.7.2

cpe:2.3:a:bitcoin-abe_project:bitcoin-abe:0.7.2
Bitcoin-Abe Project » Bitcoin-Abe » Version: 0.8

cpe:2.3:a:bitcoin-abe_project:bitcoin-abe:0.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-11944

Products

Pricing

Contact Us