{"vulnerability": "CVE-2020-36564", "sightings": [{"uuid": "8067f067-d98f-4850-959a-9835ba903a94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-36564", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11467", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2020-36564\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Due to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be considered valid.\n\ud83d\udccf Published: 2022-12-27T21:13:31.590Z\n\ud83d\udccf Modified: 2025-04-11T16:26:19.344Z\n\ud83d\udd17 References:\n1. https://github.com/justinas/nosurf/pull/60\n2. https://github.com/justinas/nosurf/commit/4d86df7a4affa1fa50ab39fb09aac56c3ce9c314\n3. https://pkg.go.dev/vuln/GO-2020-0049", "creation_timestamp": "2025-04-11T16:51:21.000000Z"}, {"uuid": "867d4a1e-14c8-4993-9ddf-6060fec55f3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-36564", "type": "seen", "source": "https://t.me/cibsecurity/55445", "content": "\u203c CVE-2020-36564 \u203c\n\nDue to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be considered valid.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-28T00:11:52.000000Z"}]}