Back to search
CVE-2019-10904
Published: Apr 6, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
Roundup 1.6 allows XSS via the URI because frontends/roundup.cgi and roundup/cgi/wsgi_handler.py mishandle 404 errors.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/python/bugs.python.org/issues/34
x_refsource_MISC
https://bugs.python.org/issue36391
x_refsource_MISC
https://www.openwall.com/lists/oss-security/2019/04/05/1
x_refsource_MISC
[oss-security] 20190407 Re: XSS in roundup bug tracker 404 page
mailing-list
x_refsource_MLIST
[debian-lts-announce] 20190407 [SECURITY] [DLA 1750-1] roundup security update
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now