Количество 25
Количество 25
GHSA-qhmv-wcg2-h8hx
The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.
CVE-2019-16935
The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.
CVE-2019-16935
The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.
CVE-2019-16935
The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.
CVE-2019-16935
The documentation XML-RPC server in Python through 2.7.16, 3.x through ...
ELSA-2020-3911
ELSA-2020-3911: python security update (MODERATE)
BDU:2020-04508
Уязвимость сервера документации XML-RPC интерпретатора языка программирования Python, позволяющая нарушителю осуществить межсайтовую сценарную атаку
openSUSE-SU-2019:2453-1
Security update for python3
openSUSE-SU-2019:2438-1
Security update for python3
SUSE-SU-2019:2802-1
Security update for python3
SUSE-SU-2019:2748-2
Security update for python
SUSE-SU-2019:2748-1
Security update for python
ELSA-2020-3888
ELSA-2020-3888: python3 security update (MODERATE)
openSUSE-SU-2019:2393-1
Security update for python
openSUSE-SU-2019:2389-1
Security update for python
SUSE-SU-2019:2743-1
Security update for python
ELSA-2020-4433
ELSA-2020-4433: python3 security and bug fix update (MODERATE)
SUSE-SU-2020:2699-1
Security update for python3
RLSA-2020:1605
Moderate: python27:2.7 security, bug fix, and enhancement update
openSUSE-SU-2020:2333-1
Security update for python3
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-qhmv-wcg2-h8hx The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server. | CVSS3: 6.1 | 1% Низкий | около 3 лет назад |
 | CVE-2019-16935 The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server. | CVSS3: 6.1 | 1% Низкий | больше 5 лет назад |
 | CVE-2019-16935 The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server. | CVSS3: 6.1 | 1% Низкий | больше 5 лет назад |
 | CVE-2019-16935 The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server. | CVSS3: 6.1 | 1% Низкий | больше 5 лет назад |
| CVE-2019-16935 The documentation XML-RPC server in Python through 2.7.16, 3.x through ... | CVSS3: 6.1 | 1% Низкий | больше 5 лет назад |
| ELSA-2020-3911 ELSA-2020-3911: python security update (MODERATE) | больше 4 лет назад | ||
 | BDU:2020-04508 Уязвимость сервера документации XML-RPC интерпретатора языка программирования Python, позволяющая нарушителю осуществить межсайтовую сценарную атаку | CVSS3: 6.1 | 1% Низкий | больше 5 лет назад |
 | openSUSE-SU-2019:2453-1 Security update for python3 | больше 5 лет назад | ||
| openSUSE-SU-2019:2438-1 Security update for python3 | больше 5 лет назад | ||
| SUSE-SU-2019:2802-1 Security update for python3 | больше 5 лет назад | ||
| SUSE-SU-2019:2748-2 Security update for python | больше 5 лет назад | ||
| SUSE-SU-2019:2748-1 Security update for python | больше 5 лет назад | ||
| ELSA-2020-3888 ELSA-2020-3888: python3 security update (MODERATE) | больше 4 лет назад | ||
| openSUSE-SU-2019:2393-1 Security update for python | больше 5 лет назад | ||
| openSUSE-SU-2019:2389-1 Security update for python | больше 5 лет назад | ||
| SUSE-SU-2019:2743-1 Security update for python | больше 5 лет назад | ||
| ELSA-2020-4433 ELSA-2020-4433: python3 security and bug fix update (MODERATE) | больше 4 лет назад | ||
| SUSE-SU-2020:2699-1 Security update for python3 | больше 4 лет назад | ||
 | RLSA-2020:1605 Moderate: python27:2.7 security, bug fix, and enhancement update | около 5 лет назад | ||
| openSUSE-SU-2020:2333-1 Security update for python3 | больше 4 лет назад |
Уязвимостей на страницу