CVE-2024-23341

TuiTse-TsuSin is a package for organizing the comparative corpus of Taiwanese Chinese characters and Roman characters, and extracting sentences of the Taiwanese Chinese characters and the Roman characters. Prior to version 1.3.2, when using tuitsehtml without quoting the input, there is a html...

Input validation

TuiTse-TsuSin is a package for organizing the comparative corpus of Taiwanese Chinese characters and Roman characters, and extracting sentences of the Taiwanese Chinese characters and the Roman characters. Prior to version 1.3.2, when using tuitsehtml without quoting the input, there is a html...

PYSEC-2024-22

TuiTse-TsuSin is a package for organizing the comparative corpus of Taiwanese Chinese characters and Roman characters, and extracting sentences of the Taiwanese Chinese characters and the Roman characters. Prior to version 1.3.2, when using tuitsehtml without quoting the input, there is a html...

CVE-2024-23341 TuiTse-TsuSin html injection vulnerability in `tuitse_html` function

TuiTse-TsuSin is a package for organizing the comparative corpus of Taiwanese Chinese characters and Roman characters, and extracting sentences of the Taiwanese Chinese characters and the Roman characters. Prior to version 1.3.2, when using tuitsehtml without quoting the input, there is a html...

html injection vulnerability in the `tuitse_html` function.

Impact When using tuitsehtml without quoting the input, there is a html injection vulnerability. It should use the django version django.utils.html.formathtml, instead of string.format Patches Upgrade to version 1.3.2. Workarounds Sanitizing Taigi input with HTML quotation. References...

PT-2024-19821 · Unknown · Tuitse-Tsusin

Name of the Vulnerable Software and Affected Versions: TuiTse-TsuSin versions prior to 1.3.2 Description: The issue is related to a html injection vulnerability when using tuitse html without quoting the input. This vulnerability can be exploited when the tuitse html function is used without prop...