Lucene search
K

PYSEC-2020-74

šŸ—“ļøĀ 02 Dec 2020Ā 08:15:00Reported byĀ Python Packaging AdvisoryTypeĀ 
pypa
Ā pypa
šŸ”—Ā github.comšŸ‘Ā 5Ā Views

XSS in Papermerge before 1.5.2 enables remote script injection via rename, tag, upload, or create folder; authentication may be bypassed if email consumption is configured.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
Huntr
Cross-site Scripting (XSS) - Generic in ciur/papermerge
6 Feb 202100:00
–huntr
Circl
CVE-2020-29456
2 Dec 202012:54
–circl
CNNVD
Papermerge č·Øē«™č„šęœ¬ę¼ę“ž
2 Dec 202000:00
–cnnvd
CNVD
Papermerge Cross-Site Scripting Vulnerability
3 Dec 202000:00
–cnvd
CVE
CVE-2020-29456
2 Dec 202007:50
–cve
Cvelist
CVE-2020-29456
2 Dec 202007:50
–cvelist
EUVD
EUVD-2020-0126
7 Oct 202500:30
–euvd
Github Security Blog
Cross-site scripting in papermerge
20 Apr 202116:37
–github
NVD
CVE-2020-29456
2 Dec 202008:15
–nvd
OSV
GHSA-9W49-M7XH-5R39 Cross-site scripting in papermerge
20 Apr 202116:37
–osv
Rows per page
Vulners
Node
pypipapermergeRange1.2.0–1.5.2

Data

Build on a solid foundation withĀ Vulners data

WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data

Api

Power your application withĀ Vulners API

The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access

App

Assess and manage vulnerabilities withĀ VulnersĀ tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

02 Dec 2020 16:29Current
5.7Medium risk
Vulners AI Score5.7
CVSS 24.3
CVSS 3.16.1
EPSS0.01527
5