EUVD-2023-3285
Malicious code in bioql PyPI...
Cross-site Scripting (XSS)
dpaste is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to improper lexer validation in views.py, which allows an attacker to inject and execute malicious JavaScript in the browser, resulting in XSS...
CVE-2023-49277
dpaste is an open source pastebin application written in Python using the Django framework. A security vulnerability has been identified in the expires parameter of the dpaste API, allowing for a POST Reflected XSS attack. This vulnerability can be exploited by an attacker to execute arbitrary...
Cross site scripting
dpaste is an open source pastebin application written in Python using the Django framework. A security vulnerability has been identified in the expires parameter of the dpaste API, allowing for a POST Reflected XSS attack. This vulnerability can be exploited by an attacker to execute arbitrary...
CVE-2023-49277 Reflected Cross-site Scripting Vulnerability in dpaste
dpaste is an open source pastebin application written in Python using the Django framework. A security vulnerability has been identified in the expires parameter of the dpaste API, allowing for a POST Reflected XSS attack. This vulnerability can be exploited by an attacker to execute arbitrary...
CVE-2023-49277
CVE-2023-49277 affects dpaste, a Django-based Python pastebin. The vulnerability is a reflected XSS in the expires parameter of the dpaste API, allowing an attacker to execute arbitrary JavaScript in a user’s browser. Public descriptions consistently state that versions older than dpaste v3.8 are...
GHSA-R8J9-5CJ7-CV39 Reflected XSS Vulnerability in dpaste
Impact: A security vulnerability has been identified in the expires parameter of the dpaste API, allowing for a POST Reflected XSS attack. This vulnerability can be exploited by an attacker to execute arbitrary JavaScript code in the context of a user's browser, potentially leading to unauthorized...
Reflected XSS Vulnerability in dpaste
Impact: A security vulnerability has been identified in the expires parameter of the dpaste API, allowing for a POST Reflected XSS attack. This vulnerability can be exploited by an attacker to execute arbitrary JavaScript code in the context of a user's browser, potentially leading to unauthorized...
PT-2023-31144 · Dpaste · Dpaste
Name of the Vulnerable Software and Affected Versions: dpaste versions prior to v3.8
Description: A security issue has been identified in the expires parameter of the dpaste API, allowing for a POST Reflected XSS attack. This can be exploited by an attacker to execute arbitrary JavaScript code in...