CVE-2021-42134
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in pypi/unicorn
Identifiers
CVE-2021-42134
Package Slug
pypi/unicorn
Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Description
The Unicorn framework for Django allows XSS via a component. NOTE, this issue exists because of an incomplete fix for CVE-2021-42053.
Affected Versions
All versions before 0.36.1
Solution
Upgrade to version 0.36.1 or above.
Last Modified
2021-10-19
| source |