Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5
CVE-2020-13128
- EPSS 0.5%
- Veröffentlicht 18.05.2020 00:15:11
- Zuletzt bearbeitet 21.11.2024 05:00:42
An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java (the servlet for handling file upload) accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to deni...
6.1
CVE-2020-9447
- EPSS 0.31%
- Veröffentlicht 28.02.2020 16:15:11
- Zuletzt bearbeitet 21.11.2024 05:40:39
There is an XSS (cross-site scripting) vulnerability in GwtUpload 1.0.3 in the file upload functionality. Someone can upload a file with a malicious filename, which contains JavaScript code, which would result in XSS. Cross-site scripting enables att...
1