PYSEC-2020-227

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/cabot/PYSEC-2020-227.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/PYSEC-2020-227

Aliases

CVE-2020-7734
GHSA-mqwh-r366-4224
SNYK-PYTHON-CABOT-609862

Published

2020-09-22T08:15:00Z

Modified

2023-11-01T04:53:36.254057Z

Summary

[none]

Details

All versions of package cabot are vulnerable to Cross-site Scripting (XSS) via the Endpoint column.

References

https://itsmeanonartist.tech/blogs/blog2.html
https://www.exploit-db.com/exploits/48791
https://snyk.io/vuln/SNYK-PYTHON-CABOT-609862
https://github.com/arachnys/cabot/pull/694

Affected packages

PyPI / cabot

Package

Name: cabot; View open source insights on deps.dev
Purl: pkg:pypi/cabot

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.6.0

0.8.4

0.8.5

0.8.6

0.8.7

0.9.0

0.9.1

0.9.2

0.10.0

0.10.1

0.10.2

0.10.3

0.10.4

0.10.5

0.10.6

0.10.7

0.10.8

0.11.1

0.11.2

0.11.3

0.11.4

0.11.5

0.11.6

0.11.7

0.11.8

0.11.9

0.11.10

0.11.12

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/cabot/PYSEC-2020-227.yaml"