CVE-2020-19000

描述

Cross Site Scripting (XSS) in Simiki v1.6.2.1 and prior allows remote attackers to execute arbitrary code via line 54 of the component 'simiki/blob/master/simiki/generators.py'.

受影響套件(2)

• PyPI/simikifrom 0, < 1.6.2.2
• PyPI/simikifrom 0

CVSS 分數

參考連結(5)

• ADVISORYhttps://github.com/advisories/GHSA-fqr5-qphf-vfr8
• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2020-19000
• PATCHhttps://github.com/tankywoo/simiki
• WEBhttps://github.com/pypa/advisory-database/tree/main/vulns/simiki/PYSEC-2021-347.yaml
• WEBhttps://github.com/tankywoo/simiki/issues/123