7.260701.0
7 years ago
4 days ago
Known vulnerabilities in the pycti package. This does not include vulnerabilities belonging to this package’s dependencies.
Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
pycti is a Python API client for OpenCTI. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) because the content of the body field isn't appropriately sanitized when being rendered. The vulnerability does require user interaction but could be exploited by someone sharing stix or any of the ingester. How to fix Cross-site Scripting (XSS)? Upgrade | [,7.260227.0) |
pycti is a Python API client for OpenCTI. Affected versions of this package are vulnerable to Access Control Bypass via the How to fix Access Control Bypass? Upgrade | [,6.9.7) |