Описание
hopetree izone lts c011b48 contains a Cross Site Scripting (XSS) vulnerability in the article comment function. In \apps\comment\views.py, AddCommintView() does not securely filter user input and renders it directly to the frontend page through templates.
EPSS
Процентиль: 54%
0.00316
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
github
около 1 года назад
hopetree izone lts c011b48 contains a Cross Site Scripting (XSS) vulnerability in the article comment function. In \apps\comment\views.py, AddCommintView() does not securely filter user input and renders it directly to the frontend page through templates.
EPSS
Процентиль: 54%
0.00316
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79