Security Advisory

CVE-2019-16925

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-09-27 23:32:28

Last updated 2024-08-05 01:24:48

Assigner mitre

State PUBLISHED

Description

Flower 0.9.3 has XSS via the name parameter in an @app.task call. NOTE: The project author stated that he doesnt think this is a valid vulnerability. Worker name and task name aren’t user facing configuration options. They are internal backend config options and person having rights to change them already has full access

← Browse all CVEs View on cve.org ↗