An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. imgproxy in plugins/af_proxy_http/init.php mishandles $_REQUEST["url"] in an error message.
References
Link | Resource |
---|---|
https://community.tt-rss.org/t/heads-up-several-vulnerabilities-fixed/3799 | Vendor Advisory |
https://git.tt-rss.org/fox/tt-rss/commit/c3d14e1fa54c7dade7b1b7955575e2991396d7ef | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-09-19T20:18:08
Updated: 2020-09-19T20:18:08
Reserved: 2020-09-19T00:00:00
Link: CVE-2020-25788
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-09-19T21:15:11.987
Modified: 2020-09-29T16:02:40.413
Link: CVE-2020-25788
JSON object: View
Redhat Information
No data.
CWE