9 matches found
EUVD-2023-41537
Malicious code in bioql PyPI...
CVE-2023-37658
fast-poster v2.15.0 is vulnerable to Cross Site Scripting (XSS). The file upload checks the binary of the image, but without strictly checking the file suffix at /server/fast.py - ApiUploadHandler.post, which causes stored XSS...
CVE-2023-37658
fast-poster v2.15.0 is vulnerable to Cross Site Scripting (XSS). The file upload checks the binary of the image, but without strictly checking the file suffix at /server/fast.py - ApiUploadHandler.post, which causes stored XSS...
CVE-2023-37658
fast-poster v2.15.0 is vulnerable to Cross Site Scripting (XSS). The file upload checks the binary of the image, but without strictly checking the file suffix at /server/fast.py - ApiUploadHandler.post, which causes stored XSS...
Cross site scripting
fast-poster v2.15.0 is vulnerable to Cross Site Scripting (XSS). The file upload checks the binary of the image, but without strictly checking the file suffix at /server/fast.py - ApiUploadHandler.post, which causes stored XSS...
CVE-2023-37658
fast-poster v2.15.0 is vulnerable to Cross Site Scripting (XSS). The file upload checks the binary of the image, but without strictly checking the file suffix at /server/fast.py - ApiUploadHandler.post, which causes stored XSS...
CVE-2023-37658
CVE-2023-37658 affects fast-poster v2.15.0. The vulnerability is in the file upload path: ApiUploadHandler.post in /server/fast.py, where the image check is based on binary data and does not strictly verify the file suffix, enabling stored XSS. Several connected sources confirm this issue; exploi...
CVE-2023-37658
fast-poster v2.15.0 is vulnerable to Cross Site Scripting (XSS). The file upload checks the binary of the image, but without strictly checking the file suffix at /server/fast.py - ApiUploadHandler.post, which causes stored XSS...
PT-2023-26063 · Unknown · Fast-Poster
Name of the Vulnerable Software and Affected Versions: fast-poster version 2.15.0. Description: The issue concerns a Cross Site Scripting (XSS) problem. Specifically, it involves the upload of files, where the check for image files is performed based on binary data but does not strictly verify the...