{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34696?format=json","vulnerability_id":"VCID-kqgv-6uaw-wbg8","summary":"Mako before 0.3.4 relies on the cgi.escape function in the Python standard library for cross-site scripting (XSS) protection, which makes it easier for remote attackers to conduct XSS attacks via vectors involving single-quote characters and a JavaScript onLoad event handler for a BODY element.","aliases":[{"alias":"CVE-2010-2480"},{"alias":"PYSEC-2010-1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7028?format=json","purl":"pkg:pypi/mako@0.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.3.4"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7007?format=json","purl":"pkg:pypi/mako@0.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/7008?format=json","purl":"pkg:pypi/mako@0.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7009?format=json","purl":"pkg:pypi/mako@0.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/7010?format=json","purl":"pkg:pypi/mako@0.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.3"},{"url":"http://public2.vulnerablecode.io/api/packages/7011?format=json","purl":"pkg:pypi/mako@0.1.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.4"},{"url":"http://public2.vulnerablecode.io/api/packages/7012?format=json","purl":"pkg:pypi/mako@0.1.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.5"},{"url":"http://public2.vulnerablecode.io/api/packages/7013?format=json","purl":"pkg:pypi/mako@0.1.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.6"},{"url":"http://public2.vulnerablecode.io/api/packages/7014?format=json","purl":"pkg:pypi/mako@0.1.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.7"},{"url":"http://public2.vulnerablecode.io/api/packages/7015?format=json","purl":"pkg:pypi/mako@0.1.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.8"},{"url":"http://public2.vulnerablecode.io/api/packages/7016?format=json","purl":"pkg:pypi/mako@0.1.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.9"},{"url":"http://public2.vulnerablecode.io/api/packages/7017?format=json","purl":"pkg:pypi/mako@0.1.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.1.10"},{"url":"http://public2.vulnerablecode.io/api/packages/7018?format=json","purl":"pkg:pypi/mako@0.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/7019?format=json","purl":"pkg:pypi/mako@0.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7020?format=json","purl":"pkg:pypi/mako@0.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/7021?format=json","purl":"pkg:pypi/mako@0.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/7022?format=json","purl":"pkg:pypi/mako@0.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.2.4"},{"url":"http://public2.vulnerablecode.io/api/packages/7023?format=json","purl":"pkg:pypi/mako@0.2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.2.5"},{"url":"http://public2.vulnerablecode.io/api/packages/7024?format=json","purl":"pkg:pypi/mako@0.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/7025?format=json","purl":"pkg:pypi/mako@0.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7026?format=json","purl":"pkg:pypi/mako@0.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/7027?format=json","purl":"pkg:pypi/mako@0.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7157-v8k4-gbbx"},{"vulnerability":"VCID-78vq-wbe5-aygj"},{"vulnerability":"VCID-kqgv-6uaw-wbg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mako@0.3.3"}],"references":[{"reference_url":"http://bugs.python.org/issue9061","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.python.org/issue9061"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"},{"reference_url":"http://secunia.com/advisories/39935","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/39935"},{"reference_url":"http://www.makotemplates.org/CHANGES","reference_id":"","reference_type":"","scores":[],"url":"http://www.makotemplates.org/CHANGES"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kqgv-6uaw-wbg8"}