PT-2024-21809 · Aiohttp +7 · Aiohttp +7
Name of the Vulnerable Software and Affected Versions: aiohttp versions prior to 3.9.4 Description: A XSS vulnerability exists on index pages for static file handling. This issue arises when using web.static..., show index=True, as the resulting index pages do not escape file names, making the...