RSS   Vulnerabilities for 'Analytics-quarry-web'   RSS

2021-04-21
 
CVE-2020-36324

CWE-79
 

 
Wikimedia Quarry analytics-quarry-web before 2020-12-15 allows Reflected XSS because app.py does not explicitly set the application/json content type.

 

 >>> Vendor: Wikimedia 3 Products
Wikidata query gui
Parsoid
Analytics-quarry-web


Copyright 2021, cxsecurity.com

 

Back to Top