Опубликовано: 26 авг. 2024
Источник: github
Github: Прошло ревью
CVSS4: 5.1
CVSS3: 6.1
Описание
FastAPI Admin cross-site scripting (XSS) vulnerability in the Create Product function
A cross-site scripting (XSS) vulnerability in the Create Product function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter.
Пакеты
Наименование
fastapi-admin
pip
Затронутые версииВерсия исправления
<= 0.1.4
Отсутствует
Связанные уязвимости
CVSS3: 6.1
nvd
10 месяцев назад
A cross-site scripting (XSS) vulnerability in the Create Product function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter.