CVE-2022-41905: Cross Site Scripting vulnerability in wsgidav when directory browsing is enabled
(updated )
Implementations using this library with directory browsing enabled may be susceptible to Cross Site Scripting (XSS) attacks.
References
- github.com/advisories/GHSA-xx6g-jj35-pxjv
- github.com/mar10/wsgidav
- github.com/mar10/wsgidav/commit/e9606ab0f42f4c1a6611bc3c52de299b0aba7726
- github.com/mar10/wsgidav/security/advisories/GHSA-xx6g-jj35-pxjv
- github.com/pypa/advisory-database/tree/main/vulns/wsgidav/PYSEC-2022-43018.yaml
- nvd.nist.gov/vuln/detail/CVE-2022-41905
Code Behaviors & Features
Detect and mitigate CVE-2022-41905 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →