-
does it sanitise - or any other similar exploit?
-
Vulnerable Library - Jinja2-3.1.2-py3-none-any.whl
A very fast and expressive template engine.
Library home page: https://files.pythonhosted.org/packages/bc/c3/f068337a370801f372f2f8f6bad74a5c140f6f…
-
### Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of t…
-
What steps will reproduce the problem?
1. If a user is logged in, an attacker can send him a link to add-tag.php with javascript in the tag GET field.
2. When the user goes back to the main page,…
-
Vulnerable Library - bootstrap-3.3.7.min.js
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://cdnjs.cloudflare.com/ajax/lib…
-
Vulnerable Library - nltk-3.7-py3-none-any.whl
Natural Language Toolkit
Library home page: https://files.pythonhosted.org/packages/43/0b/8298798bc5a9a007b7cae3f846a3d9a325953e0f9c238affa478b4d59324/…
-
# Summary
The ThinkSAAS 3.7.0 application contains a storage XSS vulnerability caused by insufficient sanitization of user input. Specifically, the parameters `site_title`, `site_subtitle`, `site_key…
-
Vulnerable Library - jsoup-1.14.3.jar
jsoup is a Java library for working with real-world HTML. It provides a very convenient API for fetching URLs and extracting and manipulating data, using the be…
-
### Is your feature request related to a problem? Please describe.
Yes, the issue is that the cookie set by `next-intl` does not have the `HttpOnly` flag. This can present a security risk because coo…