Discover the details of CVE-2021-32670, a reflected cross-site scripting vulnerability in Datasette versions below 0.56.1. Learn about the impact, affected systems, and mitigation steps to ensure your system security.
Datasette is an open source multi-tool for exploring and publishing data. This CVE is a reflected cross-site scripting vulnerability in Datasette versions below 0.56.1. An attacker could exploit the _trace=1 debugging feature to gain unauthorized access to protected data in installations that use authenticated features. Datasette 0.57 and 0.56.1 patch this issue, and a workaround is available for those running Datasette behind a proxy.
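For installations that cannot upgrade right away, the filter below shows the kind of check a front-end layer can apply. It is an added example, not Datasette's code or the project's documented proxy rule. It assumes the workaround is to refuse any request carrying the _trace parameter before it reaches Datasette. The names RejectTrace, has_trace_param and status_for are hypothetical, and the backend is a constructed stand-in.

```python
import asyncio
from urllib.parse import parse_qsl

BLOCKED_PARAM = "_trace"  # debugging parameter named on this page


def has_trace_param(query_string: bytes) -> bool:
    """True if any parameter name decodes to _trace, whatever its value."""
    pairs = parse_qsl(query_string.decode("latin-1"), keep_blank_values=True)
    return any(name == BLOCKED_PARAM for name, _ in pairs)


class RejectTrace:
    """Hypothetical ASGI wrapper: answer 403 instead of forwarding the request."""

    def __init__(self, app):
        self.app = app

    async def __call__(self, scope, receive, send):
        if scope["type"] == "http" and has_trace_param(scope.get("query_string", b"")):
            await send({"type": "http.response.start", "status": 403,
                        "headers": [(b"content-type", b"text/plain")]})
            await send({"type": "http.response.body", "body": b"Forbidden\n"})
            return
        await self.app(scope, receive, send)


async def _backend(scope, receive, send):
    """Constructed stand-in for the application behind the filter."""
    await send({"type": "http.response.start", "status": 200, "headers": []})
    await send({"type": "http.response.body", "body": b"ok"})


def status_for(query_string: bytes) -> int:
    """Send one constructed GET through the wrapper and return the status code."""
    sent = []

    async def send(message):
        sent.append(message)

    async def receive():
        return {"type": "http.request", "body": b"", "more_body": False}

    scope = {"type": "http", "method": "GET", "path": "/",
             "query_string": query_string}
    asyncio.run(RejectTrace(_backend)(scope, receive, send))
    return sent[0]["status"]
```

The filter matches on the decoded parameter name rather than on the raw text _trace=1, so it is stricter than a substring rule and does not reject requests that merely contain that text inside another parameter's value.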