Apple · Macos X Server · CVE-2020-9995
Name of the Vulnerable Software and Affected Versions:
macOS Server versions prior to 5.11
Description:
An issue existed in the parsing of URLs, which was addressed with improved input validation. Processing a maliciously crafted URL may lead to an open redirect or cross site scripting.
Recommendations:
For macOS Server versions prior to 5.11, update to version 5.11 to resolve the issue. As a temporary workaround, consider restricting access to URLs that may be maliciously crafted until the update is applied.