PYSEC-2019-27

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/invenio-records/PYSEC-2019-27.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2019-27
Aliases
Published
2019-07-29T15:15:00Z
Modified
2023-11-08T04:00:42.679955Z
Summary
[none]
Details

invenio-records before 1.2.2 allows XSS.

References

Affected packages

PyPI / invenio-records

Package

Name
invenio-records
View open source insights on deps.dev
Purl
pkg:pypi/invenio-records

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2

Affected versions

0.*

0.1.0
0.2.0
0.2.1
0.3.0
0.3.1
0.3.2
0.3.3
0.3.4
0.3.4.post1

1.*

1.0.0a1
1.0.0a2
1.0.0a3
1.0.0a4
1.0.0a5
1.0.0a6
1.0.0a7
1.0.0a8
1.0.0a9
1.0.0a10
1.0.0a11
1.0.0a12
1.0.0a14
1.0.0a15
1.0.0a16
1.0.0a17
1.0.0b1
1.0.0b2
1.0.0b3
1.0.0b4
1.0.0
1.0.1