
27 matches found

Prion
added 2018/09/05 2:29 p.m., 19 views

Cross site scripting

helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL...

CVSS 4.3, AI score 5.8, EPSS 0.01213
Exploits: 1, References: 3, Affected Software: 1

vulnersOsv
added 2018/09/05 2:29 p.m., 4 views

alo7-airflow (>=1.10.0 <=1.10.0.7), autologin (>=0.1.1 <=0.1.3) +3 more potentially affected by CVE-2018-16516 via flask-admin (>=1.4.0 <=1.5.2)

flask-admin PYPI version =1.4.0, =1.10.0, =0.1.1, =0.6.7.post3, =4.2.6, =0.1.0, =0.2.0 Source cves: CVE-2018-16516 Source advisory: OSV:PYSEC-2018-54...

CVSS 6.1, AI score 6.3, EPSS 0.01213
Exploits: 1

PyPA
added 2018/09/05 2:29 p.m., 7 views

PYSEC-2018-54

helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL...

CVSS 6.1, AI score 6.2, EPSS 0.01213
Exploits: 1, References: 4, Affected Software: 1

OSV
added 2018/09/05 2:29 p.m., 3 views

PYSEC-2018-54

helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL...

CVSS 6.1, AI score 6.3, EPSS 0.01213
Exploits: 1, References: 4

CVE
added 2018/09/05 2:0 p.m., 83 views

CVE-2018-16516

CVE-2018-16516 affects Flask-Admin up to version 1.5.2, where helpers.py is vulnerable to reflected XSS via a crafted URL. The root cause is improper escaping that allows attacker-supplied input to be reflected in the response. Exploitation details are not provided in the documents beyond this de...

CVSS 6.1, AI score 5.6, EPSS 0.01213
Exploits: 1, References: 3, Affected Software: 1

Cvelist
added 2018/09/05 2:0 p.m., 29 views

CVE-2018-16516

helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL...

AI score 5.8, EPSS 0.01213
Exploits: 1, References: 3

Veracode
added 2016/12/30 5:23 a.m., 5 views

Cross-Site Scripting (XSS)

flask-admin is vulnerable to cross-site scripting (XSS) attacks. This is because it does not escape HTML in column_editable_list values...

AI score 5.7
Exploits: 0