{"vulnerability": "CVE-2020-24553", "sightings": [{"uuid": "8db8590e-cff5-4281-882a-b22428f3d5fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-24553", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1717", "content": "CVE-2020-24553:\nGo <=1.14.7, 1.15 XSS Vulnerability\n(Inconsistent Behavior of Go's CGI and FastCGI\nTransport May Lead to Cross-Site Scripting)\nhttps://seclists.org/fulldisclosure/2020/Sep/5", "creation_timestamp": "2020-09-08T18:29:18.000000Z"}, {"uuid": "3b5f02f3-dbe8-4239-8663-af44e4ea409c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-24553", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1693", "content": "#Red_Team_Tactics\n1. N1QL Injection: Kind of SQL Injection in a NoSQL Database\nhttps://labs.f-secure.com/blog/n1ql-injection-kind-of-sql-injection-in-a-nosql-database\n2. Inconsistent Behavior of Go's CGI and FastCGI Transport May Lead to Cross-Site Scripting (CVE-2020-24553)\nhttps://www.redteam-pentesting.de/de/advisories/rt-sa-2020-004/-inconsistent-behavior-of-gos-cgi-and-fastcgi-transport-may-lead-to-cross-site-scripting", "creation_timestamp": "2020-12-29T19:55:11.000000Z"}]}