LinuxSecurity.com: It was discovered that Python Paste did not properly sanitize certainstrings, resulting in cross-site scripting (XSS) vulnerabilities. Withcross-site scripting vulnerabilities, if a user were tricked into viewingserver output during a crafted server request, a remote attacker couldexploit this to modify the contents, or steal confidential data, within [More...]
More...