logo

Database

Server side cross-site scripting In django-helpdesk

Description

django-helpdesk is vulnerable to Cross-site Scripting django-helpdesk is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2021-39942. NVD-2021-39943. OSV-2021-39944. GHSA-2v5j-q74q-r53f5. GCVE-2021-3994

References

1. https://github.com/django-helpdesk/django-helpdesk/commit/a22eb0673fe0b7784f99c6b5fd343b64a6700f062. https://github.com/django-helpdesk/django-helpdesk/releases/tag/0.3.23. https://github.com/pypa/advisory-database/tree/main/vulns/django-helpdesk/PYSEC-2021-438.yaml4. https://huntr.dev/bounties/be7f211d-4bfd-44fd-91e8-682329906fbd

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.