CVE-2020-28364

Cross-site Scripting in pypi/locust

Identifiers

CVE-2020-28364

Package Slug

pypi/locust

Vulnerability

Cross-site Scripting

Description

A stored cross-site scripting (XSS) vulnerability affects the Web UI in Locust, if the installation violates the usage expectations by exposing this UI to outside users.

Affected Versions

All versions before 1.3.2

Solution

Upgrade to version 1.3.2 or above.

Last Modified

2020-11-18

source