Описание
ydata cross-site scripting
A cross-site scripting (XSS) vulnerability in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library allows for payloads to be run when a maliocusly crafted report is viewed in the browser.
Пакеты
Наименование
ydata-profiling
pip
Затронутые версииВерсия исправления
>= 3.7.0, <= 4.8.3
Отсутствует
Связанные уязвимости
CVSS3: 7.8
nvd
больше 1 года назад
A cross-site scripting (XSS) vulnerability in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library allows for payloads to be run when a maliocusly crafted report is viewed in the browser.