GHSA-wcm6-wv95-7jw6
Suggest an improvement- Source
- https://github.com/advisories/GHSA-wcm6-wv95-7jw6
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/01/GHSA-wcm6-wv95-7jw6/GHSA-wcm6-wv95-7jw6.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-wcm6-wv95-7jw6
- Aliases
- Published
- 2023-01-27T00:30:18Z
- Modified
- 2023-11-08T04:11:09.032757Z
- Severity
-
- 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- Cross-site Scripting in pyload-ng
- Details
-
Cross-site Scripting (XSS) - Stored in GitHub repository pyload/pyload prior to 0.5.0b3.dev42.
- Database specific
{ "nvd_published_at": "2023-01-26T22:15:00Z", "github_reviewed_at": "2023-01-27T01:15:38Z", "severity": "MODERATE", "github_reviewed": true, "cwe_ids": [ "CWE-79" ] }- References
Affected packages
PyPI / pyload-ng
Package
- Name
- pyload-ng
- View open source insights on deps.dev
- Purl
- pkg:pypi/pyload-ng
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.5.0b3.dev42
Affected versions
0.*
0.5.0a5.dev528
0.5.0a5.dev532
0.5.0a5.dev535
0.5.0a5.dev536
0.5.0a5.dev537
0.5.0a5.dev539
0.5.0a5.dev540
0.5.0a5.dev545
0.5.0a5.dev562
0.5.0a5.dev564
0.5.0a5.dev565
0.5.0a6.dev570
0.5.0a6.dev578
0.5.0a6.dev587
0.5.0a7.dev596
0.5.0a8.dev602
0.5.0a9.dev615
0.5.0a9.dev629
0.5.0a9.dev632
0.5.0a9.dev641
0.5.0a9.dev643
0.5.0a9.dev655
0.5.0a9.dev806
0.5.0b1.dev1
0.5.0b1.dev2
0.5.0b1.dev3
0.5.0b1.dev4
0.5.0b1.dev5
0.5.0b2.dev9
0.5.0b2.dev10
0.5.0b2.dev11
0.5.0b2.dev12
0.5.0b3.dev13
0.5.0b3.dev14
0.5.0b3.dev17
0.5.0b3.dev18
0.5.0b3.dev19
0.5.0b3.dev20
0.5.0b3.dev21
0.5.0b3.dev22
0.5.0b3.dev24
0.5.0b3.dev26
0.5.0b3.dev27
0.5.0b3.dev28
0.5.0b3.dev29
0.5.0b3.dev30
0.5.0b3.dev31
0.5.0b3.dev32
0.5.0b3.dev33
0.5.0b3.dev34
0.5.0b3.dev35
0.5.0b3.dev38
0.5.0b3.dev39
0.5.0b3.dev40
0.5.0b3.dev41