whoogle_search is vulnerable to cross-site scripting. The vulnerability exists due to a lack of sanitization of data input in the HTTP error_message
request allowing an attacker to inject maliciously crafted script via flask.render_template function in error.html.
CPE | Name | Operator | Version |
---|---|---|---|
whoogle-search | le | 0.7.1 | |
whoogle-search | le | 0.7.1 |