Description

An issue in the urllib.parse component of Python before v3.11 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

Remediation

References

CVE-2023-24329

Related Vulnerabilities

WordPress Plugin Animate It! Cross-Site Scripting (2.3.4)

WordPress Plugin Html5 Audio Player-Audio Player for WordPress Cross-Site Scripting (2.1.2)

WordPress Improper Input Validation Vulnerability (CVE-2017-9065)

WordPress Plugin Side Menu-add fixed side buttons SQL Injection (3.1.3)

MySQL CVE-2022-21318 Vulnerability (CVE-2022-21318)

Severity

High

Classification

CVE-2023-24329 CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities