WebSocket Upgrade Header Vulnerability in SockJS (CVE-XXXX-XXXX)

WebSocket Upgrade Header Vulnerability in SockJS (CVE-XXXX-XXXX)

CVE-2020-7693 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Incorrect handling of Upgrade header with the value websocket leads in crashing of containers hosting sockjs apps. This affects the package sockjs before 0.3.20.

Learn more about our Web App Pen Testing.