USN-6787-1: Jinja2 vulnerability - Cyber Security News

Read Time:12 Second

It was discovered that Jinja2 incorrectly handled certain HTML attributes
that were accepted by the xmlattr filter. An attacker could use this issue
to inject arbitrary HTML attribute keys and values to potentially execute
a cross-site scripting (XSS) attack.

More Stories

USN-7187-1: Linux kernel (OEM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

January 6, 2025

USN-7186-1: Linux kernel (Intel IoTG) vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote...

January 6, 2025

USN-7179-2: Linux kernel vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote...

January 6, 2025

USN-7185-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A...

January 6, 2025

USN-7184-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A...

January 6, 2025

USN-7183-1: Linux kernel vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote...

January 6, 2025