3 matches found
Cross Site Scripting(XSS)
aiohttp is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to the web.static..., showindex=True function, allowing an attacker with the ability to upload arbitrary filenames to the static file directory to perform Cross Site Scripting due to improper filename santization. Uses wh...
CVE-2015-5186
Audit before 2.4.4 in Linux does not sanitize escape characters in filenames...
DEBIAN-CVE-2015-5186
Audit before 2.4.4 in Linux does not sanitize escape characters in filenames...