Lucene search
Veracode Vulnerability DatabaseVERACODE:38515HistoryDec 16, 2022 - 6:24 a.m.
Cross-Site Scripting (XSS)
2022-12-1606:24:33
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
cross-site scripting
collective.task
rendercell function
table.py
javascript injection
software vulnerability
0.001 Low
EPSS
Percentile
30.4%
collective.task is vulnerable to cross-site scripting. The vulnerability exists in the renderCell function of table.py due to missing escape columns which allows an attacker to inject and execute malicious JavaScript.
| CPE | Name | Operator | Version |
|---|---|---|---|
| collective.task | le | 3.0.8 | |
| collective.task | le | 2.3 | |
| collective.task | le | 3.0.8 | |
| collective.task | le | 2.3 |
Related
osv
osv
CVE-2022-4527
2022-12-15 21:15:13
collective.task Cross-site Scripting vulnerability
2022-12-15 21:30:26
PYSEC-2022-42990
2022-12-15 21:15:00
cve
cve
CVE-2022-4527
2022-12-15 21:15:13
nvd
nvd
CVE-2022-4527
2022-12-15 21:15:13
cvelist
cvelist
prion
prion
Cross site scripting
2022-12-15 21:15:00
github
github
collective.task Cross-site Scripting vulnerability
2022-12-15 21:30:26