PyPi: Fastapi-Admin

CVE-2024-42816

Safety vulnerability ID: 72966

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Aug 26, 2024 Updated at Sep 01, 2024

Scan your Python projects for vulnerabilities →

Advisory

A cross-site scripting (XSS) vulnerability in the Create Product function of fastapi-admin, in affected versions, allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the Product Name parameter.

Affected package

fastapi-admin

Latest version: 1.0.4

A fast admin dashboard based on FastAPI and TortoiseORM with tabler ui, inspired by Django admin.

Affected versions

Fixed versions

Vulnerability changelog

This vulnerability has no description

Resources

https://github.com/fastapi-admin/fastapi-admin/issues/172
https://github.com/advisories/GHSA-22xm-w7r2-834q
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42816

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application