Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cookie and header exposure in twisted
Vulnerability Description
twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
信息暴露
Vulnerability Title
Twisted 信息泄露漏洞
Vulnerability Description
Twisted是一款使用Python语言编写的事件驱动的开源网络引擎。 Twisted 中存在信息泄露漏洞,该漏洞源于在跨源重定向时会暴露Cookie和授权信息。
CVSS Information
N/A
Vulnerability Type
N/A