Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The Unicorn framework for Django allows XSS via a component. NOTE, this issue exists because of an incomplete fix for CVE-2021-42053.
Advisories for Pypi/Unicorn package
2021
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The Unicorn framework for Django allows XSS via component.name.