Python Paste vulnerability

ID USN-1026-1
Type ubuntu
Reporter Ubuntu
Modified 2010-12-07T00:00:00


It was discovered that Python Paste did not properly sanitize certain
strings, resulting in cross-site scripting (XSS) vulnerabilities. With
cross-site scripting vulnerabilities, if a user were tricked into viewing
server output during a crafted server request, a remote attacker could
exploit this to modify the contents, or steal confidential data, within
the same domain.