[email protected] – Python Twisted: information disclosure via URI CRLF, analyzed on 03/07/2019

CERT-LatestNews ThreatsCybercrime VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesDBMS
Python Twisted: information disclosure via URI CRLF Synthesis of the vulnerability An attacker can bypass access restrictions to data via URI CRLF of Python Twisted, in order to obtain sensitive information. Vulnerable products:Severity of this weakness: 2/4. Consequences of a hack: data reading. Hacker's origin: internet client.