CVE-2021-39286
Webrecorder pywb before 2.6.0 is vulnerable to cross-site scripting (XSS) because Jinja2 templates are not automatically escaped. The CVE-2021-39286 entry is supported by multiple connected sources (e.g., GHSA-947X-PV47-PP3Q, OSV, CVE records) describing the same issue. Impact is XSS in affected ...