2 matches found
Contentful <=2020-05-21 - Cross-Site Scripting
Contentful through 2020-05-21 for Python contains a reflected cross-site scripting vulnerability via the api parameter to the-example-app.py. id: CVE-2020-13258 info: name: Contentful alert...
CVE-2020-13258
CVE-2020-13258 affects Contentful for Python up to 2020-05-21, where the vulnerability resides in a reflected XSS via the api parameter to the-example-app.py. The issue arises in how input is reflected in the browser, enabling an attacker to execute malicious scripts in the victim’s context and p...