EPSS
Percentile
26.2%
wsgidav is vulnerable to cross-site scripting. The vulnerability exists in the __init__ function of _dir_browser.py when directory browsing is enabled which allows an attacker to inject and execute malicious JavaScript.
__init__
_dir_browser.py
github.com/mar10/wsgidav/commit/e9606ab0f42f4c1a6611bc3c52de299b0aba7726
github.com/mar10/wsgidav/security/advisories/GHSA-xx6g-jj35-pxjv