Vulnerabilities > Wikimedia > Analytics Quarry WEB

DATE CVE VULNERABILITY TITLE RISK
2021-04-21 CVE-2020-36324 Cross-site Scripting vulnerability in Wikimedia Analytics-Quarry-Web
Wikimedia Quarry analytics-quarry-web before 2020-12-15 allows Reflected XSS because app.py does not explicitly set the application/json content type.
network
low complexity
wikimedia CWE-79
6.1
6.1