Makotemplates Mako : Security vulnerabilities, CVEs

CVE-2010-2480

Mako before 0.3.4 relies on the cgi.escape function in the Python standard library for cross-site scripting (XSS) protection, which makes it easier for remote attackers to conduct XSS attacks via vectors involving single-quote characters and a JavaScript onLoad event handler for a BODY element.

Max CVSS

4.3

EPSS Score

0.22%

Published

2010-07-02

Updated

2023-02-13

1 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!

Accept Close

Makotemplates » Mako : Security Vulnerabilities, CVEs,

CVE-2010-2480