Twisted is an event-based framework for internet applications, supporting Python 3.6+. The `twisted.web.util.redirectTo` function contains an HTML injection vulnerability. If application code allows an attacker to control the redirect URL this vulnerability may result in Reflected Cross-Site Scripting (XSS) in the redirect response HTML body. This vulnerability is fixed in 24.7.0rc1.
Metrics
Affected Vendors & Products
References
History
Sat, 28 Sep 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat ansible Automation Platform |
|
CPEs | cpe:/a:redhat:ansible_automation_platform:2.4::el8 cpe:/a:redhat:ansible_automation_platform:2.4::el9 |
|
Vendors & Products |
Redhat
Redhat ansible Automation Platform |
Wed, 11 Sep 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Twisted
Twisted twisted |
|
CPEs | cpe:2.3:a:twisted:twisted:*:*:*:*:*:*:*:* | |
Vendors & Products |
Twisted
Twisted twisted |
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-07-29T15:41:40.289Z
Updated: 2024-08-02T04:46:52.679Z
Reserved: 2024-07-22T13:57:37.136Z
Link: CVE-2024-41810
Vulnrichment
Updated: 2024-08-02T04:46:52.679Z
NVD
Status : Modified
Published: 2024-07-29T16:15:05.133
Modified: 2024-11-21T09:33:07.197
Link: CVE-2024-41810
Redhat