CVE-2020-8124 · Vexday

CVE-2020-8124

EPSS 1.7%CWE-20

Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks.

Affected products

n/a · url-parse

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://hackerone.com/reports/496293