Launch Week Day 1: Announcing Security Design Review
Start for Free
MEDIUM 6.1 PyPI

Lin-CMS-Flask Cross Site Scripting (XSS) vulnerability

GHSA-rvf8-c35m-8289 · CVE-2020-18699 · PYSEC-2021-340

Published · Modified

Description

Cross Site Scripting (XSS) in Lin-CMS-Flask v0.1.1 allows remote attackers to execute arbitrary code by entering scripts in the the 'Username' parameter of the in component 'app/api/cms/user.py'.

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes