Cross Site Scripting Vulnerability in fabric-sdk-py source code

Disclosed: 2022-08-17 14:53:35 By bhaskar_ram To hyperledger
Unknown
Vulnerability Details
See this fix on GitHub https://github.com/hyperledger/fabric-sdk-py/pull/175

## Impact

Some old affected versions of this package are vulnerable to Cross-site Scripting (XSS). Passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code.
Report Stats
  • Report ID: 1670187
  • State: Closed
  • Substate: informative
  • Upvotes: 9