Python’s official documentation contains textbook example of insecure code (XSS) – Full Disclosure

Posted by Georgi Guninski on Feb 20
Python’s official documentation contains textbook example of insecure code (XSS)
Date: 2025-02-18
Author: Georgi Guninski
===
form = cgi.FieldStorage()
if "name" not in form or "addr" not in form:
    print("<H1>Error</H1>")
    print("Please fill in the name and addr fields.")
    return
print("<p>name:", form["name"].value)
print("<p>addr:",…
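The following is an added example, not part of the original post or of the Python documentation: it renders the same two fields once as in the quoted snippet and once with each value passed through html.escape before output. The query string, the function names and the use of urllib.parse.parse_qs as a stand-in for cgi.FieldStorage (the cgi module was removed in Python 3.13) are assumptions made for illustration.

```python
import html
from urllib.parse import parse_qs

# Constructed sample input: the "name" field carries markup, "addr" an ampersand.
SAMPLE_QUERY = "name=%3Cscript%3Ealert(1)%3C%2Fscript%3E&addr=1+Main+St+%26+Co"

ERROR_PAGE = "<H1>Error</H1>\nPlease fill in the name and addr fields."


def parse_fields(query: str) -> dict:
    """Return the first value of each field (hypothetical stand-in for
    cgi.FieldStorage so the example runs on current Python versions)."""
    return {k: v[0] for k, v in parse_qs(query, keep_blank_values=True).items()}


def render_unescaped(fields: dict) -> str:
    """Pattern from the quoted snippet: values are written into HTML as-is."""
    if "name" not in fields or "addr" not in fields:
        return ERROR_PAGE
    return "<p>name: {}\n<p>addr: {}".format(fields["name"], fields["addr"])


def render_escaped(fields: dict) -> str:
    """Same page, with every user-controlled value HTML-escaped on output."""
    if "name" not in fields or "addr" not in fields:
        return ERROR_PAGE
    # quote=True also escapes " and ', which matters if a value is ever
    # placed inside an HTML attribute rather than element content.
    name = html.escape(fields["name"], quote=True)
    addr = html.escape(fields["addr"], quote=True)
    return "<p>name: {}\n<p>addr: {}".format(name, addr)


if __name__ == "__main__":
    fields = parse_fields(SAMPLE_QUERY)
    print("unescaped:\n" + render_unescaped(fields))
    print("escaped:\n" + render_escaped(fields))
```

Escaping belongs at the point of output, so the stored or parsed value stays unchanged and each sink (HTML body, attribute, URL) can apply the encoding it needs.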