Search for vulnerabilities
| Vulnerability ID | VCID-4nyk-dyzz-yfeu |
| Aliases |
CVE-2020-28364
PYSEC-2020-60 |
| Summary | A stored cross-site scripting (XSS) vulnerability affects the Web UI in Locust before 1.3.2, if the installation violates the usage expectations by exposing this UI to outside users. |
| Status | Published |
| Exploitability | None |
| Weighted Severity | None |
| Risk | None |
| Affected and Fixed Packages | Package Details |
| There are no known CWE. |
| System | Score | Found at |
|---|---|---|
| There are no known severity scores. | ||
| Reference id | Reference type | URL |
|---|---|---|
| https://docs.locust.io/en/stable/changelog.html |
No EPSS data available for this vulnerability.
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-06-02T04:07:55.447409+00:00 | Pypa Importer | Import | https://github.com/pypa/advisory-database/blob/main/vulns/locust/PYSEC-2020-60.yaml | 38.6.0 |