An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS05OHBmLWdmaDMteDNtcM4AAv0C
Read the Docs vulnerable to Cross-Site Scripting (XSS)
This vulnerability allowed a malicious user to serve arbitrary HTML files from the main application domain (readthedocs[.]org/readthedocs[.]com) by exploiting a vulnerability in the code that serves downloadable content from a project.
This issue has been patched in our 8.8.1 release.Permalink: https://github.com/advisories/GHSA-98pf-gfh3-x3mp
Source: GitHub Advisory Database
Published: 11 months ago
Updated: 9 months ago
Fixed in: 8.8.1