Improper Restriction of XML External Entity Reference in Quokka
XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the component 'quokka/core/content/views.py'.
Advisories for Pypi/Quokka package
2021
Improper Restriction of XML External Entity Reference in Quokka
XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the component 'quokka/utils/atom.py'.
Cross Site Scripting (XSS) in Quokka
Cross Site Scripting (XSS) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the 'Username' parameter in the component 'quokka/admin/actions.py'.