dateable.chronos@0.4 vulnerabilities

Dateable calendaring views

latest version

1.0
latest non vulnerable version

1.0
first published

16 years ago
latest version published

11 years ago
licenses detected
- GPL-3.0
  [0,)
View dateable.chronos package health on Snyk Advisor Open this link in a new tab

Known vulnerabilities in the dateable.chronos package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Cross-site Scripting (XSS) dateable.chronos is a set of calendar views for Plone. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the `get_view_day` method. How to fix Cross-site Scripting (XSS)? Upgrade `dateable.chronos` to version 0.8 or higher.	[,0.8)
M Cross-site Scripting (XSS) `dateable_chronos` is a Dateable calendaring views. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) attacks due to not properly validating the date string.	[,0.8)