5 matches found
CVE-2026-3962
A vulnerability was identified in Jcharis Machine-Learning-Web-Apps up to a6996b634d98ccec4701ac8934016e8175b60eb5. The impacted element is the function rendertemplate of the file Machine-Learning-Web-Apps-master/Build-n-Deploy-Flask-App-with-Waypoint/app/app.py of the component Jinja2 Template...
CVE-2026-3962
A vulnerability was identified in Jcharis Machine-Learning-Web-Apps up to a6996b634d98ccec4701ac8934016e8175b60eb5. The impacted element is the function rendertemplate of the file Machine-Learning-Web-Apps-master/Build-n-Deploy-Flask-App-with-Waypoint/app/app.py of the component Jinja2 Template...
CVE-2026-3962
The CVE-2026-3962 entry affects Jcharis Machine-Learning-Web-Apps (up to a6996b634d98ccec4701ac8934016e8175b60eb5) where the render_template function in Machine-Learning-Web-Apps-master/Build-n-Deploy-Flask-App-with-Waypoint/app/app.py under the Jinja2 Template Handler is vulnerable to cross-site...
Whoogle Search Cross-site Scripting via string parameter
The package whoogle-search before version 0.7.2 is vulnerable to Cross-site Scripting XSS via the query string parameter q. In the case where it does not contain the http string, it is used to build the errormessage that is then rendered in the error.html template, using the flask.rendertemplate...
CVE-2022-25303
The CVE-2022-25303 issue affects the Whoogle Search project (before v0.7.2). The vulnerability is a Cross-site Scripting (XSS) flaw in the query parameter q: when the value does not contain http, it is used to build error_message, which is then rendered via Flask's render_template with the Jinja2...