Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
xmltodict 0.14.2 - XML Injection
Vulnerability Description
XML Injection vulnerability in xmltodict allows Input Data Manipulation. This issue affects xmltodict: from 0.14.2 before 0.15.1. NOTE: the scope of this CVE is disputed by the vendor on the grounds that xmltodict.unparse() delegates element-name handling to Python's xml.sax.saxutils.XMLGenerator, and that XMLGenerator should be the component performing validation.
CVSS Information
N/A
Vulnerability Type
XML注入(XPath盲注)
Vulnerability Title
xmltodict 安全漏洞
Vulnerability Description
xmltodict是Martín Blech个人开发者的一个Python库。 xmltodict 0.14.2版本存在安全漏洞,该漏洞源于XML注入问题,可能导致输入数据操纵。
CVSS Information
N/A
Vulnerability Type
N/A