Description
Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.
Remediation
References
Related Vulnerabilities
WordPress Plugin Team Members Cross-Site Scripting (5.2.0)
WordPress Plugin ThirstyAffiliates Affiliate Link Manager Cross-Site Scripting (3.9.2)
WordPress Plugin Stars Menu Cross-Site Scripting (1.0.1)
ownCloud Exposure of Resource to Wrong Sphere Vulnerability (CVE-2020-36252)
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-29204)