CVE-2020-7734

Cross-site Scripting (XSS)

CVSS 8.2 HIGHEPSS 1.3%

All versions of package cabot are vulnerable to Cross-site Scripting (XSS) via the Endpoint column.

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L/E:F

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/arachnys/cabot/pull/694 https://itsmeanonartist.tech/blogs/blog2.html https://snyk.io/vuln/SNYK-PYTHON-CABOT-609862 https://www.exploit-db.com/exploits/48791