Cross-site Scripting in django-unicorn
Moderate severity
GitHub Reviewed
Published
Oct 12, 2021
to the GitHub Advisory Database
•
Updated Sep 16, 2024
Description
Published by the National Vulnerability Database
Oct 11, 2021
Reviewed
Oct 12, 2021
Published to the GitHub Advisory Database
Oct 12, 2021
Last updated
Sep 16, 2024
The Unicorn framework before 0.36.1 for Django allows XSS via a component. NOTE: this issue exists because of an incomplete fix for CVE-2021-42053.
References