RSS   Podatności dla 'MAKO'   RSS

2010-07-02
 
CVE-2010-2480

CWE-79
 

 
Mako before 0.3.4 relies on the cgi.escape function in the Python standard library for cross-site scripting (XSS) protection, which makes it easier for remote attackers to conduct XSS attacks via vectors involving single-quote characters and a JavaScript onLoad event handler for a BODY element.

 


Copyright 2024, cxsecurity.com

 

Back to Top