Unicorn
Monthly
Unicorn adds modern reactive component functionality to your Django templates. versions up to 0.67.0 is affected by improper access control (CVSS 5.3).
The Unicorn framework before 0.36.1 for Django allows XSS via a component. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
The Unicorn framework through 0.35.3 for Django allows XSS via component.name. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Unicorn adds modern reactive component functionality to your Django templates. versions up to 0.67.0 is affected by improper access control (CVSS 5.3).
The Unicorn framework before 0.36.1 for Django allows XSS via a component. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
The Unicorn framework through 0.35.3 for Django allows XSS via component.name. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.