Posted by Georgi Guninski on Mar 21
Is there low hanging fruit for the following observation?
The documentation of the python cgi module is vulnerable to XSS
(cross site scripting)
https://docs.python.org/3/library/cgi.html
```
form = cgi.FieldStorage()
print("<p>name:", form["name"].value)
print("<p>addr:", form["addr"].value)
```
First result on google for “tutorial python cgi”
is…
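An added example, not part of the original post or of the Python documentation: the echo pattern from the snippet above next to an escaped version that uses `html.escape` from the standard library. The function names and the sample query string are constructed for illustration, and `urllib.parse.parse_qs` stands in for `cgi.FieldStorage`.

```python
import html
from urllib.parse import parse_qs

# Constructed sample query string: "name" carries markup, "addr" is benign.
SAMPLE_QUERY = "name=%3Cscript%3Ealert(1)%3C%2Fscript%3E&addr=1+Main+St+%26+Co"


def parse_fields(query):
    """Return the first value of each field, like form["x"].value does."""
    return {k: v[0] for k, v in parse_qs(query, keep_blank_values=True).items()}


def render_unescaped(fields):
    """Same output pattern as the documentation snippet: values echoed raw."""
    return "\n".join(
        "<p>%s: %s" % (key, fields.get(key, "")) for key in ("name", "addr")
    )


def render_escaped(fields):
    """Hardened form: HTML-escape every value before it reaches the page."""
    return "\n".join(
        "<p>%s: %s" % (key, html.escape(fields.get(key, ""), quote=True))
        for key in ("name", "addr")
    )


if __name__ == "__main__":
    fields = parse_fields(SAMPLE_QUERY)
    print(render_unescaped(fields))  # markup from the request reaches the page
    print(render_escaped(fields))    # markup is rendered as inert text
```
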