PYSEC-2019-25

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/invenio-communities/PYSEC-2019-25.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2019-25
Aliases
Published
2019-07-29T15:15:00Z
Modified
2023-11-08T04:00:42.739781Z
Summary
[none]
Details

invenio-communities before 1.0.0a20 allows XSS.

References

Affected packages

PyPI / invenio-communities

Package

Name
invenio-communities
View open source insights on deps.dev
Purl
pkg:pypi/invenio-communities

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.0a20

Affected versions

1.*

1.0.0a1
1.0.0a2
1.0.0a3
1.0.0a4
1.0.0a5
1.0.0a6
1.0.0a7
1.0.0a8
1.0.0a9
1.0.0a10
1.0.0a11
1.0.0a12
1.0.0a13
1.0.0a14
1.0.0a15
1.0.0a16
1.0.0a17
1.0.0a18
1.0.0a19

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/invenio-communities/PYSEC-2019-25.yaml"