Vulnerabilities > Flower Project > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-09-28 CVE-2019-16926 Cross-site Scripting vulnerability in Flower Project Flower 1.0.0
Flower 0.9.3 has XSS via a crafted worker name.
network
low complexity
flower-project CWE-79
6.1
6.1
2019-09-28 CVE-2019-16925 Cross-site Scripting vulnerability in Flower Project Flower 1.0.0
Flower 0.9.3 has XSS via the name parameter in an @app.task call.
network
low complexity
flower-project CWE-79
6.1
6.1