10 matches found
CVE-2021-39286
Webrecorder pywb before 2.6.0 allows XSS because it does not ensure that Jinja2 templates are autoescaped...
Cross-site scripting in pywb
Webrecorder pywb before 2.6.0 allows XSS because it does not ensure that Jinja2 templates are autoescaped...
GHSA-947X-PV47-PP3Q Cross-site scripting in pywb
Webrecorder pywb before 2.6.0 allows XSS because it does not ensure that Jinja2 templates are autoescaped...
CVE-2021-39286
Webrecorder pywb before 2.6.0 allows XSS because it does not ensure that Jinja2 templates are autoescaped...
CVE-2021-39286
Webrecorder pywb before 2.6.0 allows XSS because it does not ensure that Jinja2 templates are autoescaped...
Cross site scripting
Webrecorder pywb before 2.6.0 allows XSS because it does not ensure that Jinja2 templates are autoescaped...
PYSEC-2021-120
Webrecorder pywb before 2.6.0 allows XSS because it does not ensure that Jinja2 templates are autoescaped...
CVE-2021-39286
Webrecorder pywb before 2.6.0 is vulnerable to cross-site scripting (XSS) because Jinja2 templates are not automatically escaped. The CVE-2021-39286 entry is supported by multiple connected sources (e.g., GHSA-947X-PV47-PP3Q, OSV, CVE records) describing the same issue. Impact is XSS in affected ...
CVE-2021-39286
Webrecorder pywb before 2.6.0 allows XSS because it does not ensure that Jinja2 templates are autoescaped...
Github pywb 跨站脚本漏洞
Github pywb is a Python 2 and 3 web archiving toolkit for replaying large and small web archives as accurately as possible. A security vulnerability exists in Webrecorder pywb versions prior to 2.6.0, which stems from the fact that the affected product does not ensure that Jinja2 templates are...