Security Advisory

CVE-2010-2480

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2010-07-02 18:30:00

Last updated 2024-08-07 02:32:16

Assigner redhat

State PUBLISHED

Description

Mako before 0.3.4 relies on the cgi.escape function in the Python standard library for cross-site scripting (XSS) protection, which makes it easier for remote attackers to conduct XSS attacks via vectors involving single-quote characters and a JavaScript onLoad event handler for a BODY element.

← Browse all CVEs View on cve.org ↗