Safety vulnerability ID: 74431
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Affected versions of Pyspider are vulnerable to Reflected Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF). These issues allow attackers to execute arbitrary code on the host by exploiting unsanitized input in the /update endpoint and by leveraging Basic HTTP Authentication, which is used without CSRF protection. An attacker can manipulate an authenticated user into visiting a malicious site, leading to code execution. To mitigate, disable the WebUI or implement proper input sanitization and CSRF tokens.
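The two mitigations named above (CSRF tokens and input sanitization), as an added example that is not Pyspider's code: with Basic HTTP Authentication the browser attaches credentials automatically and there is no session to hold a token, so the token here is an HMAC bound to the authenticated username. The handler, the `X-CSRF-Token` header, the `value` form field and `SERVER_KEY` are assumptions for illustration, and the password check is assumed to happen before the handler runs.

```python
import base64
import hashlib
import hmac
import html
import secrets

SERVER_KEY = secrets.token_bytes(32)  # assumption: per-deployment secret, kept server-side

# Constructed sample header (user "alice", password "example") for trying the handler.
SAMPLE_AUTH = {"Authorization": "Basic " + base64.b64encode(b"alice:example").decode()}


def basic_auth_user(headers):
    """Return the username from an 'Authorization: Basic' header, or None."""
    scheme, _, blob = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        decoded = base64.b64decode(blob, validate=True).decode("utf-8")
    except ValueError:  # covers bad base64 and bad UTF-8
        return None
    user, sep, _ = decoded.partition(":")
    return user if sep and user else None


def issue_csrf_token(user):
    """Stateless token bound to the user; the UI embeds it in pages it serves."""
    return hmac.new(SERVER_KEY, user.encode(), hashlib.sha256).hexdigest()


def handle_update(method, headers, form):
    """Hypothetical handler for a state-changing endpoint such as /update.

    Assumes the server has already verified the Basic auth password.
    """
    user = basic_auth_user(headers)
    if user is None:
        return 401, "authentication required"
    if method != "POST":  # never change state on GET
        return 405, "method not allowed"
    supplied = headers.get("X-CSRF-Token", "").encode()
    if not hmac.compare_digest(supplied, issue_csrf_token(user).encode()):
        return 403, "missing or invalid CSRF token"
    # Escape anything reflected into the response so it cannot become markup.
    return 200, "updated: " + html.escape(form.get("value", ""), quote=True)
```

A token derived this way stays valid until `SERVER_KEY` changes; checking the `Origin` header on the same request is a common second layer.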
Latest version: 0.3.10
A Powerful Spider System in Python