dpaste@2.7 vulnerabilities

A Django based pastebin for text and code.

Direct Vulnerabilities

Known vulnerabilities in the dpaste package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Cross-site Scripting (XSS)

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the expires parameter of the API. An attacker can execute arbitrary JavaScript code in the context of a user's browser, potentially leading to unauthorized access, data theft, or other malicious activities.

How to fix Cross-site Scripting (XSS)?

A fix was pushed into the master branch but not yet published.

[0,)
  • M
Cross-site Scripting (XSS)

dpaste is a Django based pastebin. It's intended to run separately but its also possible to be installed into an existing Django project like a regular app.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) attacks due to not escaping HTML tags.

[,2.8)