2 matches found
CVE-2024-39162
pyspider through 0.3.10 allows /update XSS. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2024-39162
CVE-2024-39162 affects pyspider up to version 0.3.10, with a Cross-site Scripting (XSS) flaw exploitable via the /update endpoint. The issue stems from improper sanitization of the name parameter, and is limited to software that is no longer maintained. Public details consistently note that there...