CVE-2021-42134

CVE-2021-42134

EPSS 0.7%

The Unicorn framework before 0.36.1 for Django allows XSS via a component. NOTE: this issue exists because of an incomplete fix for CVE-2021-42053.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/adamghill/django-unicorn/commit/3a832a9e3f6455ddd3b87f646247269918ad10c6 https://github.com/adamghill/django-unicorn/compare/0.36.0...0.36.1