Read Time:20 Second

Posted by Georgi Guninski on Mar 21

Is there low hanging fruit for the following observation?

The documentation of the python cgi module is vulnerable to XSS
(cross site scripting)

https://docs.python.org/3/library/cgi.html

“`
form = cgi.FieldStorage()
print(“<p>name:”, form[“name”].value)
print(“<p>addr:”, form[“addr”].value)
“`

First result on google for “tutorial python cgi”
is…

Read More