CVE-2021-4315

Advisory

A vulnerability has been found in NYUCCL psiTurk up to 3.2.0 and classified as critical. This vulnerability affects unknown code of the file psiturk/experiment.py. The manipulation of the argument mode leads to improper neutralization of special elements used in a template engine. The exploit has been disclosed to the public and may be used.

Affected package

Affected versions

Fixed versions

Vulnerability changelog

This vulnerability has no description

Resources

• https://github.com/advisories/GHSA-9mq4-9556-6qxq
• https://nvd.nist.gov/vuln/detail/CVE-2021-4315
• https://github.com/NYUCCL/psiTurk/pull/517
• https://github.com/NYUCCL/psiTurk/commit/47787e15cecd66f2aa87687bf852ae0194a4335f
• https://github.com/NYUCCL/psiTurk
• https://github.com/NYUCCL/psiTurk/releases/tag/v3.2.1
• https://vuldb.com/?ctiid.219676
• https://vuldb.com/?id.219676
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4315