0.002 Low
EPSS
Percentile
53.7%
roundup is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists as the value of uri is not sanitized, allowing XSS attacks to occur in frontends/roundup.cgi and roundup/cgi/wsgi_handler.py.
uri
frontends/roundup.cgi
roundup/cgi/wsgi_handler.py
bitbucket.org/python/roundup/commits/51682dc2cd7e28421d749117c25bec58f632ee5f
issues.roundup-tracker.org/issue2551035