Lucene search
Veracode Vulnerability DatabaseVERACODE:36336HistoryJul 13, 2022 - 9:05 a.m.
Cross-site Scripting (XSS)
2022-07-1309:05:11
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.001 Low
EPSS
Percentile
30.9%
whoogle_search is vulnerable to cross-site scripting. The vulnerability exists due to a lack of sanitization of data input in the HTTP error_message request allowing an attacker to inject maliciously crafted script via flask.render_template function in error.html.
| CPE | Name | Operator | Version |
|---|---|---|---|
| whoogle-search | le | 0.7.1 | |
| whoogle-search | le | 0.7.1 |
Related
osv
osv
PYSEC-2022-226
2022-07-12 15:15:00
Whoogle Search Cross-site Scripting via string parameter
2022-07-15 15:37:39
CVE-2022-25303
2022-07-12 15:15:09
prion
prion
Cross site scripting
2022-07-12 15:15:00
nvd
nvd
CVE-2022-25303
2022-07-12 15:15:09
cve
cve
CVE-2022-25303
2022-07-12 15:15:09
cvelist
cvelist
CVE-2022-25303 Cross-site Scripting (XSS)
2022-07-12 00:00:00
github
github
Whoogle Search Cross-site Scripting via string parameter
2022-07-15 15:37:39