Squid Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability - CVE-2019-18860 - Vulnerability Database
Squid Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability - CVE-2019-18860
Medium
Reference:
CVE-2019-18860
Title:
Squid Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
Overview:
Squid before 4.9 when certain web browsers are used mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi.