FastAPI — CWE-79

All Frameworks › FastAPI › CWE-79

2 CVEs categorized as CWE-79 — Cross-site Scripting (XSS) in FastAPI.

CVE-2024-42818MEDIUM2024

A cross-site scripting (XSS) vulnerability in the Config-Create function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter.

CVE-2024-42816MEDIUM2024

A cross-site scripting (XSS) vulnerability in the Create Product function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter.