Количество 2
Количество 2
CVE-2019-16925
Flower 0.9.3 has XSS via the name parameter in an @app.task call. NOTE: The project author stated that he doesn't think this is a valid vulnerability. Worker name and task name aren’t user facing configuration options. They are internal backend config options and person having rights to change them already has full access
GHSA-q2hg-9256-vrxm
Flower 1.0.0 has XSS via the name parameter in an @app.task call.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-16925 Flower 0.9.3 has XSS via the name parameter in an @app.task call. NOTE: The project author stated that he doesn't think this is a valid vulnerability. Worker name and task name aren’t user facing configuration options. They are internal backend config options and person having rights to change them already has full access | CVSS3: 6.1 | 0% Низкий | больше 6 лет назад |
| GHSA-q2hg-9256-vrxm Flower 1.0.0 has XSS via the name parameter in an @app.task call. | CVSS3: 6.1 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу