Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Pallets Flask
Summary: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of Pallets Flask. Vulnerability Details: CVEID: CVE-2023-30861. DESCRIPTION: Pallets Flask could allow a remote attacker to obtain sensitive information, caused by a missing Vary: Cookie header. By sending ...
Security Bulletin: Vulnerability in Pallets Flask affects IBM Process Mining. CVE-2023-30861
Summary: There is a vulnerability in Pallets Flask that could allow a remote attacker to obtain sensitive information on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details: CVEID: CVE-2023-30861...
Security Bulletin: Pallets Flask is vulnerable to CVE-2023-30861 used in IBM Maximo Application Suite
Summary: IBM Maximo Application Suite uses Pallets Flask, which is vulnerable to CVE-2023-30861. Vulnerability Details: CVEID: CVE-2023-30861. DESCRIPTION: Pallets Flask could allow a remote attacker to obtain sensitive information, caused by a missing Vary: Cookie header. By sending a specially crafted...
EulerOS 2.0 SP3 : python-werkzeug (EulerOS-SA-2021-2612)
According to the versions of the python-werkzeug package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11...
Pallets Flask Pallets Werkzeug Cross Site Scripting Vulnerability
Pallets Flask is a Python-based web application development tool from the Pallets project. Pallets Werkzeug is one of the WSGI toolkits. A cross-site scripting vulnerability exists in the 'render_full' function of the debug/tbtools.py file of the debugger for Pallets Flask and other products used i...
CVE-2016-10516
Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11, as used in Pallets Flask and other products, allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message...
CVE-2016-10516
Affected software: Pallets Werkzeug (Python library) used by Flask. Vulnerable path: render_full in debug/tbtools.py. Root cause: improper validation of user-supplied input via an exception message, enabling cross-site scripting (XSS). Impact: remote attacker could inject arbitrary script into a ...
UBUNTU-CVE-2016-10516
Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11, as used in Pallets Flask and other products, allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message...