Lucene search
K

4 matches found

ALT Linux
ALT Linux
added 2010/10/02 12:0 a.m.39 views

Security fix for the ALT Linux 5 package python-module-mako version 0.2.5-alt1.M51.1

Oct. 2, 2010 Vladimir Lettiev 0.2.5-alt1.M51.1 - Fixed CVE-2010-2480 - XSS via inadequate escaping patch from ubuntu + lib/mako/filters.py: use xml.sax.saxutils.escape instead of cgi.escape so we can escape single quotes...

4.3CVSS5.8AI score0.01809EPSS
Exploits0
securityvulns
securityvulns
added 2010/09/30 12:0 a.m.67 views

[USN-996-1] Mako vulnerability

=========================================================== Ubuntu Security Notice USN-996-1 September 29, 2010 mako vulnerability CVE-2010-2480 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 10.04 LTS This advisory also...

4.3CVSS0.4AI score0.01809EPSS
Exploits0
OSV
OSV
added 2010/07/02 7:0 p.m.4 views

CVE-2010-2480

Mako before 0.3.4 relies on the cgi.escape function in the Python standard library for cross-site scripting XSS protection, which makes it easier for remote attackers to conduct XSS attacks via vectors involving single-quote characters and a JavaScript onLoad event handler for a BODY element...

5AI score
Exploits0References4
CVE
CVE
added 2010/07/02 6:30 p.m.79 views

CVE-2010-2480

CVE-2010-2480 affects the Mako templating library (before 0.3.4) which relied on Python’s cgi.escape for XSS protection. This can enable remote XSS via single-quote vectors and a BODY onLoad handler. Connected advisories document that fixes include upgrading to 0.3.4+ or applying patches (e.g., r...

4.3CVSS5AI score0.01809EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder