Read Time:20 Second
Posted by Georgi Guninski on Mar 21
Is there low hanging fruit for the following observation?
The documentation of the python cgi module is vulnerable to XSS
(cross site scripting)
https://docs.python.org/3/library/cgi.html
“`
form = cgi.FieldStorage()
print(“<p>name:”, form[“name”].value)
print(“<p>addr:”, form[“addr”].value)
“`
First result on google for “tutorial python cgi”
is…