[issue38243] A reflected XSS in python/Lib/DocXMLRPCServer.py
STINNER Victor
report at bugs.python.org
Wed Sep 25 07:00:43 EDT 2019
STINNER Victor <vstinner at python.org> added the comment:
> Thanks for the report. There is a policy to report security vulnerabilities in CPython : https://www.python.org/news/security/.
The private security mailing list has been contacted first and we advice to open a public issue since we consider that it's not a major security issue.
To exploit this bug, the attacker has to control the XML-RPC server title.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue38243>
_______________________________________
More information about the Python-bugs-list
mailing list