PYSEC-2014-99
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/ajenti/PYSEC-2014-99.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2014-99
- Aliases
-
- CVE-2014-4301
- GHSA-2ch8-f849-pjg3
- Published
- 2014-06-18T14:55:00Z
- Modified
- 2023-11-08T03:57:41.662483Z
- Summary
- [none]
- Details
-
Multiple cross-site scripting (XSS) vulnerabilities in the responderror function in routing.py in Eugene Pankov Ajenti before 1.2.21.7 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to (1) resources.js or (2) resources.css in ajenti:static/, related to the traceback page.
- References
Affected packages
PyPI / ajenti
Package
- Name
- ajenti
- View open source insights on deps.dev
- Purl
- pkg:pypi/ajenti
Affected ranges
- Type
- GIT
- Repo
- https://github.com/Eugeny/ajenti
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.2.21.7
Affected versions
0.*
0.99.7
0.99.8
0.99.11
0.99.19
0.99.20
0.99.21
0.99.22
0.99.23
0.99.24
0.99.25
0.99.26
0.99.27
0.99.28
0.99.29
0.99.30
0.99.31
0.99.32
0.99.33
0.99.34
0.99.35
0.99.36
0.99.37
0.99.38
0.99.39
1.*
1.0.0
1.0.1
1.0.2
1.0.3
1.0.8
1.1.0
1.1.1
1.1.2
1.1.3
1.1.4
1.1.5
1.1.6
1.1.8
1.1.8.2
1.1.9
1.1.9.1
1.1.9.2
1.1.9.3
1.2.0
1.2.1
1.2.2
1.2.3
1.2.4
1.2.5
1.2.6
1.2.6.1
1.2.6.2
1.2.7
1.2.8
1.2.9
1.2.10
1.2.11
1.2.11.1
1.2.11.2
1.2.13
1.2.13.1
1.2.13.2
1.2.14
1.2.14.1
1.2.15
1.2.15.1
1.2.16
1.2.16.1
1.2.16.2
1.2.17
1.2.17.1
1.2.17.2
1.2.18
1.2.18.2
1.2.18.4
1.2.18.5
1.2.18.6
1.2.19.0
1.2.19.1
1.2.19.2
1.2.19.3
1.2.19.4
1.2.19.5
1.2.19.6
1.2.19.7
1.2.19.8
1.2.20.0
1.2.20.1
1.2.20.2
1.2.20.3
1.2.20.4
1.2.20.5
1.2.20.6
1.2.20.7
1.2.20.8
1.2.20.9
1.2.20.10
1.2.21.0
1.2.21.1
1.2.21.2
1.2.21.3
1.2.21.4
1.2.21.5
1.2.21.6