8 matches found
PraisonAI 跨站脚本漏洞
PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.128 contained a cross-site scripting vulnerability. This vulnerability stemmed from Flask API endpoints rendering HTML, where cleanup operations were ineffective, allowing...
CVE-2024-39163
binux pyspider up to v0.3.10 was discovered to contain a Cross-Site Request Forgery CSRF via the Flask endpoints...
GHSA-PQJ8-XHCX-PRXM pyspider Cross-Site Request Forgery (CSRF) via the Flask endpoints
binux pyspider up to v0.3.10 was discovered to contain a Cross-Site Request Forgery CSRF via the Flask endpoints...
pyspider Cross-Site Request Forgery (CSRF) via the Flask endpoints
binux pyspider up to v0.3.10 was discovered to contain a Cross-Site Request Forgery CSRF via the Flask endpoints...
Cross-site Request Forgery (CSRF)
Overview pyspider is an A Powerful Spider System in Python Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF through the Flask endpoints. An attacker can manipulate the state of the application. Remediation There is no fixed version for pyspider. References -...
CVE-2024-39163
binux pyspider up to v0.3.10 was discovered to contain a Cross-Site Request Forgery CSRF via the Flask endpoints...
CVE-2024-39163
binux pyspider up to v0.3.10 was discovered to contain a Cross-Site Request Forgery CSRF via the Flask endpoints...
CVE-2024-39163
binux pyspider up to v0.3.10 was discovered to contain a Cross-Site Request Forgery CSRF via the Flask endpoints...