Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
An issue was discovered in Mayan EDMS The Appearance app sets window.location directly, leading to XSS.
Advisories for Pypi/Mayan-Edms package
2018
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
An issue was discovered in Mayan EDMS The Tags app has XSS because tag label values are mishandled.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
An issue was discovered in Mayan EDMS The Cabinets app has XSS via a crafted cabinet label.