An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Server 5.11. Processing a maliciously crafted URL may lead to an open redirect or cross site scripting.

Related CVEs

CVE-2020-9995

Key Information

GHSA ID

GHSA-wfmp-hg8c-4ph3

Published

May 24, 2022 5:46 PM

Last Modified

May 24, 2022 5:46 PM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 27, 2025 6:35 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.