CVE-2021-42053 Information

Jun 07, 2022 cve

Description

The Unicorn framework through 0.35.3 for Django allows XSS via component.name.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Reference

https://github.com/adamghill/django-unicorn/pull/288/files http://packetstormsecurity.com/files/164442/django-unicorn-0.35.3-Cross-Site-Scripting.html https://github.com/adamghill/django-unicorn/compare/0.35.3…0.36.0

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

5.4

Share on: