{"id":"PYSEC-2020-227","details":"All versions of package cabot are vulnerable to Cross-site Scripting (XSS) via the Endpoint column.","aliases":["CVE-2020-7734","GHSA-mqwh-r366-4224","SNYK-PYTHON-CABOT-609862"],"modified":"2026-06-10T17:00:40.917912763Z","published":"2020-09-22T08:15:00Z","references":[{"type":"ARTICLE","url":"https://itsmeanonartist.tech/blogs/blog2.html"},{"type":"WEB","url":"https://www.exploit-db.com/exploits/48791"},{"type":"ADVISORY","url":"https://snyk.io/vuln/SNYK-PYTHON-CABOT-609862"},{"type":"WEB","url":"https://github.com/arachnys/cabot/pull/694"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-mqwh-r366-4224"}],"affected":[{"package":{"name":"cabot","ecosystem":"PyPI","purl":"pkg:pypi/cabot"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.10.0","0.10.1","0.10.2","0.10.3","0.10.4","0.10.5","0.10.6","0.10.7","0.10.8","0.11.1","0.11.10","0.11.12","0.11.2","0.11.3","0.11.4","0.11.5","0.11.6","0.11.7","0.11.8","0.11.9","0.6.0","0.8.4","0.8.5","0.8.6","0.8.7","0.9.0","0.9.1","0.9.2"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/cabot/PYSEC-2020-227.yaml"}}],"schema_version":"1.7.5"}