Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk: High] Cross-site Scripting (XSS) in wagtail@2.7 (Due 05/18/2020) #3699

Closed
2 tasks done
Tracked by #137
pkfec opened this issue Apr 17, 2020 · 0 comments · Fixed by #3714
Closed
2 tasks done
Tracked by #137

[Snyk: High] Cross-site Scripting (XSS) in wagtail@2.7 (Due 05/18/2020) #3699

pkfec opened this issue Apr 17, 2020 · 0 comments · Fixed by #3714
Assignees
@lbeaufort
Labels
Security: high Remediate within 30 days
Milestone
Sprint 12.2

Comments

@pkfec
Copy link
Contributor

pkfec commented Apr 17, 2020
edited by lbeaufort

High severity vulnerability found in wagtail@2.7

Description: Cross-site Scripting (XSS)
Info: https://app.snyk.io/vuln/SNYK-PYTHON-WAGTAIL-565486
Introduced through: wagtail@2.7

Remediation: Upgrade wagtail to version 2.7.2 or 2.8.1

Completion criteria:
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lbeaufort lbeaufort

Labels
Security: high Remediate within 30 days
Projects
None yet
Milestone
Sprint 12.2
Development

Successfully merging a pull request may close this issue.

Update wagtail to 2.7.2 (security update) fecgov/fec-cms
3 participants
@pkfec @lbeaufort @JonellaCulmer