Lucene search

K

CVE-2024-34064 Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter

🗓️ 06 May 2024 14:39:41Reported by GitHub_MType 
cvelist
 cvelist
🔗 www.cve.org👁 19 Views

Jinja XML/HTML attribute injection vulnerability fix for CVE-2024-3406

Show more
Related
Affected
Refs
[
  {
    "vendor": "pallets",
    "product": "jinja",
    "versions": [
      {
        "version": "< 3.1.4",
        "status": "affected"
      }
    ]
  }
]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
06 May 2024 14:41Current
6.4Medium risk
Vulners AI Score6.4
CVSS35.4
EPSS0.002
19
.json
Report