3 matches found
FreeBSD : py-WsgiDAV -- XSS vulnerability (1a15b928-5011-4953-8133-d49e24902fe1)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 1a15b928-5011-4953-8133-d49e24902fe1 advisory. - WsgiDAV is a generic and extendable WebDAV server based on WSGI. Implementations using this library...
manabi (>=0.1.0 <=0.4.0) potentially affected by CVE-2022-41905 via wsgidav (=3.1.1)
wsgidav PYPI version =3.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on wsgidav and may be impacted: - manabi =0.1.0, =0.4.0 Source cves: CVE-2022-41905 Source advisory: OSV:PYSEC-2022-43018...
CVE-2022-41905
WsgiDAV (WebDAV server) is affected by CVE-2022-41905 when directory browsing is enabled. The vulnerability enables Cross-Site Scripting (XSS) in scenarios where untrusted data is displayed in the directory browser UI. The issue has been patched; upgrading to WsgiDAV 4.1.0 is recommended. As a wo...