Twitter.TwitterServer.HistogramQueryHandler.XSS
Description
This indicates an attempt to exploit a cross-site scripting (XSS) vulnerability in Twitter TwitterServer.
The vulnerability is due to insufficient validation of user-supplied input in the HistogramQueryHandler class. A remote attacker can exploit it by enticing a victim to visit a malicious web page. Successful exploitation can result in the execution of script code in the security context of the target user's browser.
Affected Products
Twitter TwitterServer prior to 20.12.0
Impact
System Compromise: Remote attackers can execute arbitrary script code in the context of the affected application.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://github.com/twitter/twitter-server/commit/e0aeb87e89a6e6c711214ee2de0dd9f6e5f9cb6c
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |