Design/Logic Flaw

2019-09-2800:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

37.5%

JSON

DISPUTED Flower 0.9.3 has XSS via a crafted worker name. NOTE: The project author stated that he doesn’t think this is a valid vulnerability. Worker name and task name aren’t user facing configuration options. They are internal backend config options and person having rights to change them already has full access.