PYSEC-2018-16

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/mayan-edms-ng/PYSEC-2018-16.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2018-16
Aliases
Published
2018-09-03T19:29:00Z
Modified
2026-06-10T17:02:05.593648122Z
Summary
[none]
Details

An issue was discovered in Mayan EDMS before 3.0.2. The Appearance app sets window.location directly, leading to XSS.

References

Affected packages

PyPI / mayan-edms-ng

Package

Name
mayan-edms-ng
View open source insights on deps.dev
Purl
pkg:pypi/mayan-edms-ng

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.2

Affected versions

2.*
2.8
3.*
3.0
3.0.1

Database specific

source 
"https://github.com/pypa/advisory-database/blob/main/vulns/mayan-edms-ng/PYSEC-2018-16.yaml"